Technical Information
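Registry changes (autostart persistence: a Run value, and a service whose 'Start' value of 2 means it is started automatically at boot):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Level Cache Time Presentation Window' = 'C:\lquftdubvdxqidk\sxnxlvjue.exe'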
- [<HKLM>\SYSTEM\ControlSet001\Services\PC Web Profile iSCSI Program UPnP] 'ImagePath' = 'C:\lquftdubvdxqidk\sxnxlvjue.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\PC Web Profile iSCSI Program UPnP] 'Start' = '00000002'
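Command lines (quoted image path, followed by its argument where one is shown; these appear to be processes the sample started):
- 'C:\lquftdubvdxqidk\pyarxguv.exe' "c:\lquftdubvdxqidk\sxnxlvjue.exe"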
- 'C:\lquftdubvdxqidk\sxnxlvjue.exe'
- 'C:\lquftdubvdxqidk\w92w18pmtcrivxfacpj.exe'
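File-system paths (the listing does not say which action, such as create, modify or delete, applies to each entry; the repeated paths are as published):
- C:\lquftdubvdxqidk\sxnxlvjue.exe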
- C:\lquftdubvdxqidk\pyarxguv.exe
- C:\lquftdubvdxqidk\w92w18pmtcrivxfacpj.exe
- %WINDIR%\lquftdubvdxqidk\tndph5tdmda
- C:\lquftdubvdxqidk\tndph5tdmda
- C:\lquftdubvdxqidk\pyarxguv.exe
- C:\lquftdubvdxqidk\sxnxlvjue.exe
- C:\lquftdubvdxqidk\w92w18pmtcrivxfacpj.exe
- %WINDIR%\lquftdubvdxqidk\tndph5tdmda
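Network connections (host:port). '#' is not a valid hostname character, so part of each domain is masked in this listing and the entries cannot be used verbatim as blocklist or detection values. The visible endings repeat a small set of English words, which is consistent with algorithmically generated domain names:
- 'fo###wfancy.net':80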
- 'me###rfancy.net':80
- 'fo####laughter.net':80
- 'me####laughter.net':80
- 'fo####friend.net':80
- 'me####friend.net':80
- 'fo####consider.net':80
- 'me####consider.net':80
- 'al####yfriend.net':80
- 'al####ylaughter.net':80
- 'ge####manfancy.net':80
- 'ex#####ncefriend.net':80
- 'ge#####anlaughter.net':80
- 'al####yconsider.net':80
- 'ge####manfriend.net':80
- 'al####yfancy.net':80
- 'ge#####anconsider.net':80
- 'cr###fancy.net':80
- 'su####consider.net':80
- 'cr####aughter.net':80
- 'su###rfancy.net':80
- 'cr###friend.net':80
- 'th####tlaughter.net':80
- 'cr####onsider.net':80
- 'su####friend.net':80
- 'su####laughter.net':80
- 'be###fancy.net':80
- 'kn###fancy.net':80
- 'be####aughter.net':80
- 'kn####aughter.net':80
- 'be###friend.net':80
- 'kn###friend.net':80
- 'be####onsider.net':80
- 'kn####onsider.net':80
- 'fr###friend.net':80
- 'wa###trust.net':80
- 'wo###honor.net':80
- 'wa###system.net':80
- 'th####ttrust.net':80
- 'sm####either.net':80
- 'wo###system.net':80
- 'sm###honor.net':80
- 'wo####either.net':80
- 'th####tsystem.net':80
- 'su###rtrust.net':80
- 'cr###trust.net':80
- 'su####system.net':80
- 'cr###system.net':80
- 'th####tneither.net':80
- 'wa####either.net':80
- 'th####thonor.net':80
- 'wa###honor.net':80
- 'fr####aughter.net':80
- 'ex#####ncelaughter.net':80
- 'pa###trust.net':80
- 'fi###trust.net':80
- 'fr####onsider.net':80
- 'ex#####nceconsider.net':80
- 'fr###fancy.net':80
- 'ex####encefancy.net':80
- 'fi###system.net':80
- 'sm###trust.net':80
- 'pa###honor.net':80
- 'sm###system.net':80
- 'wo###trust.net':80
- 'fi####either.net':80
- 'pa###system.net':80
- 'fi###honor.net':80
- 'pa####either.net':80
HTTP requests (unencrypted HTTP, each to /index.php on one of the masked hosts):
- http://fo###wfancy.net/index.php
- http://me###rfancy.net/index.php
- http://fo####laughter.net/index.php
- http://me####laughter.net/index.php
- http://fo####friend.net/index.php
- http://me####friend.net/index.php
- http://fo####consider.net/index.php
- http://me####consider.net/index.php
- http://al####yfriend.net/index.php
- http://al####ylaughter.net/index.php
- http://ge####manfancy.net/index.php
- http://ex#####ncefriend.net/index.php
- http://ge#####anlaughter.net/index.php
- http://al####yconsider.net/index.php
- http://ge####manfriend.net/index.php
- http://al####yfancy.net/index.php
- http://ge#####anconsider.net/index.php
- http://cr###fancy.net/index.php
- http://su####consider.net/index.php
- http://cr####aughter.net/index.php
- http://su###rfancy.net/index.php
- http://cr###friend.net/index.php
- http://th####tlaughter.net/index.php
- http://cr####onsider.net/index.php
- http://su####friend.net/index.php
- http://su####laughter.net/index.php
- http://be###fancy.net/index.php
- http://kn###fancy.net/index.php
- http://be####aughter.net/index.php
- http://kn####aughter.net/index.php
- http://be###friend.net/index.php
- http://kn###friend.net/index.php
- http://be####onsider.net/index.php
- http://kn####onsider.net/index.php
- http://fr###friend.net/index.php
- http://wa###trust.net/index.php
- http://wo###honor.net/index.php
- http://wa###system.net/index.php
- http://th####ttrust.net/index.php
- http://sm####either.net/index.php
- http://wo###system.net/index.php
- http://sm###honor.net/index.php
- http://wo####either.net/index.php
- http://th####tsystem.net/index.php
- http://su###rtrust.net/index.php
- http://cr###trust.net/index.php
- http://su####system.net/index.php
- http://cr###system.net/index.php
- http://th####tneither.net/index.php
- http://wa####either.net/index.php
- http://th####thonor.net/index.php
- http://wa###honor.net/index.php
- http://fr####aughter.net/index.php
- http://ex#####ncelaughter.net/index.php
- http://pa###trust.net/index.php
- http://fi###trust.net/index.php
- http://fr####onsider.net/index.php
- http://ex#####nceconsider.net/index.php
- http://fr###fancy.net/index.php
- http://ex####encefancy.net/index.php
- http://fi###system.net/index.php
- http://sm###trust.net/index.php
- http://pa###honor.net/index.php
- http://sm###system.net/index.php
- http://wo###trust.net/index.php
- http://fi####either.net/index.php
- http://pa###system.net/index.php
- http://fi###honor.net/index.php
- http://pa####either.net/index.php
DNS queries ("DNS ASK" = name looked up):
- DNS ASK fo###wfancy.net
- DNS ASK me###rfancy.net
- DNS ASK fo####laughter.net
- DNS ASK me####laughter.net
- DNS ASK fo####friend.net
- DNS ASK me####friend.net
- DNS ASK fo####consider.net
- DNS ASK me####consider.net
- DNS ASK al####yfriend.net
- DNS ASK al####ylaughter.net
- DNS ASK ge####manfancy.net
- DNS ASK ex#####ncefriend.net
- DNS ASK ge#####anlaughter.net
- DNS ASK al####yconsider.net
- DNS ASK ge####manfriend.net
- DNS ASK al####yfancy.net
- DNS ASK ge#####anconsider.net
- DNS ASK be####aughter.net
- DNS ASK su####consider.net
- DNS ASK cr####onsider.net
- DNS ASK su###rfancy.net
- DNS ASK cr###fancy.net
- DNS ASK th####tlaughter.net
- DNS ASK wa####aughter.net
- DNS ASK su####friend.net
- DNS ASK cr###friend.net
- DNS ASK cr####aughter.net
- DNS ASK kn###fancy.net
- DNS ASK be####onsider.net
- DNS ASK kn####aughter.net
- DNS ASK be###fancy.net
- DNS ASK kn###friend.net
- DNS ASK su####laughter.net
- DNS ASK kn####onsider.net
- DNS ASK be###friend.net
- DNS ASK wa###trust.net
- DNS ASK wo###honor.net
- DNS ASK wa###system.net
- DNS ASK th####ttrust.net
- DNS ASK sm####either.net
- DNS ASK wo###system.net
- DNS ASK sm###honor.net
- DNS ASK wo####either.net
- DNS ASK th####tsystem.net
- DNS ASK su###rtrust.net
- DNS ASK cr###trust.net
- DNS ASK su####system.net
- DNS ASK cr###system.net
- DNS ASK th####tneither.net
- DNS ASK wa####either.net
- DNS ASK th####thonor.net
- DNS ASK wa###honor.net
- DNS ASK sm###system.net
- DNS ASK ex#####ncelaughter.net
- DNS ASK fr###fancy.net
- DNS ASK fi###trust.net
- DNS ASK fr####aughter.net
- DNS ASK ex#####nceconsider.net
- DNS ASK fr###friend.net
- DNS ASK ex####encefancy.net
- DNS ASK fr####onsider.net
- DNS ASK pa###trust.net
- DNS ASK pa###honor.net
- DNS ASK fi###honor.net
- DNS ASK wo###trust.net
- DNS ASK sm###trust.net
- DNS ASK pa###system.net
- DNS ASK fi###system.net
- DNS ASK pa####either.net
- DNS ASK fi####either.net
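Window referenced by class name ('Shell_TrayWnd' is the class of the Windows taskbar; the listing does not say what the sample does with it):
- ClassName: 'Shell_TrayWnd' WindowName: ''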