Technical Information
Malicious functions:
Creates and executes the following:
- '%TEMP%\temp2056145178.exe'
- '%TEMP%\temp2056145178.exe' (downloaded from the Internet)
Executes the following:
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE'
Modifies file system:
Creates the following files:
- %TEMP%\temp2056145178.exe
Network activity:
Connects to:
- '37.##0.41.155':80
TCP:
HTTP GET requests:
- http://37.##0.41.155/chipdd2.exe