Technical Information
- %WINDIR%\syswow64\mspaint.exe
- %ALLUSERSPROFILE%\remcos\logs.dat
- 'co####security.com':80
- 'co####security.com':443
- 'ra####in.gleeze.com':6040
- 'ra#####nbk.gleeze.com':6040
- http://co####security.com/peoplesstubs/BTDBCDL.html
- http://co####security.com/IZvPLPlcOQdnewd.dll
- 'co####security.com':443
- DNS ASK co####security.com
- DNS ASK ra####in.gleeze.com
- DNS ASK ra#####nbk.gleeze.com
- '%WINDIR%\syswow64\mspaint.exe'