Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\dtsp2da6tqfp.lnk
- %APPDATA%\microsoft\windows\start menu\programs\startup\drr0m5nz9ozw.lnk
- %APPDATA%\microsoft\windows\start menu\programs\startup\bndfyutvu6cn.lnk
- %TEMP%\bndfyutvu6cn.exe
- %APPDATA%\dtsp2da6tqfp.exe
- %APPDATA%\drr0m5nz9ozw.exe
- %APPDATA%\drr0m5nz9ozw.bak
- 'tw##.com':80
- http://www.tw##.com/index.php?pc######################################################################
- DNS ASK tw##.com
- '%TEMP%\bndfyutvu6cn.exe'
- '%APPDATA%\dtsp2da6tqfp.exe'
- '%APPDATA%\drr0m5nz9ozw.exe'