Technical Information
- %TEMP%\pdfviewer_update.exe
- %TEMP%\wmp108.exe
- 'cr#####emindsplanet.com':80
- 'mp##.org':80
- 'do####onfoodie.com':80
- http://cr#####emindsplanet.com/images/headers/a.ssa
- http://mp##.org/images/banners/1203UKp.ssa
- http://do####onfoodie.com/images/1203UKp.ssa
- DNS ASK cr#####emindsplanet.com
- DNS ASK th####manbook.com
- DNS ASK mp##.org
- DNS ASK do####onfoodie.com
- '%TEMP%\pdfviewer_update.exe'
- '%TEMP%\pdfviewer_update.exe' ' (with hidden window)