Technical Information
- %TEMP%\cllen.exe
- 'ju####quiros.com':80
- 'te###obrix.com':80
- 'te###obrix.com':443
- http://ju####quiros.com/images/2703UKd.git
- http://te###obrix.com/wp-content/uploads/2014/03/2703UKd.git
- 'te###obrix.com':443
- DNS ASK ju####quiros.com
- DNS ASK te###obrix.com
- '%TEMP%\cllen.exe'
- '%TEMP%\cllen.exe' ' (with hidden window)