Technical Information
- '%WINDIR%\syswow64\cmd.exe' /c del <Full path to file> > nul (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c del <Full path to file> > nul