Technical Information
Malicious functions:
Creates and executes the following:
- "%HOMEPATH%\Local Settings\TempТоцЁшЁшюш" (downloaded from the Internet)
Modifies file system :
Creates the following files:
- %HOMEPATH%\Local Settings\TempТоцЁшЁшюш
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\тшти[1].ттт
Network activity:
Connects to:
- '??####.#######???????????????????.????????.?????':80
TCP:
HTTP GET requests:
- ??####.#######???????????????????.????????.?????/???#####
UDP:
- DNS ASK шш####.##итт‚тшиф‚т‚‚ф