Technical Information
- %TEMP%\238866942124
- %APPDATA%\b47fe11f8b12c7\cred64.dll
- %APPDATA%\b47fe11f8b12c7\clip64.dll
- %TEMP%\238866942124
- '21#.#26.123.14':80
- http://21#.#26.123.14/8bmeVwqx/Plugins/cred64.dll
- http://21#.#26.123.14/8bmeVwqx/Plugins/clip64.dll
- http://21#.#26.123.14/8bmeVwqx/index.php
- http://21#.#26.123.14/8bmeVwqx/index.php?sc###
- '%WINDIR%\syswow64\rundll32.exe' %APPDATA%\b47fe11f8b12c7\cred64.dll, Main' (with hidden window)
- '%WINDIR%\syswow64\rundll32.exe' %APPDATA%\b47fe11f8b12c7\clip64.dll, Main' (with hidden window)
- '%WINDIR%\syswow64\rundll32.exe' %APPDATA%\b47fe11f8b12c7\cred64.dll, Main
- '%WINDIR%\syswow64\rundll32.exe' %APPDATA%\b47fe11f8b12c7\clip64.dll, Main
- '<SYSTEM32>\rundll32.exe' %APPDATA%\b47fe11f8b12c7\cred64.dll, Main