Technical Information
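- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Key WinHTTP Power Quality IPsec' = 'C:\iyqiuyz\rxcfuxzeyb.exe' (autorun entry: a value under the HKLM Run key launches the listed executable at each logon, for every user of the machine)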
- [<HKLM>\SYSTEM\ControlSet001\Services\Superfetch BranchCache Store] 'Start' = '00000002' (service start type 2 = SERVICE_AUTO_START: the service is started automatically at system boot)
- 'C:\iyqiuyz\yaogfsweflog.exe' "c:\iyqiuyz\rxcfuxzeyb.exe"
- 'C:\iyqiuyz\rxcfuxzeyb.exe'
- 'C:\iyqiuyz\fsk3taparplhmq3onzg.exe'
- C:\iyqiuyz\rxcfuxzeyb.exe
- C:\iyqiuyz\yaogfsweflog.exe
- C:\iyqiuyz\dzyuahb
- %WINDIR%\iyqiuyz\jhqteskvuy0
- C:\iyqiuyz\jhqteskvuy0
- C:\iyqiuyz\fsk3taparplhmq3onzg.exe
- C:\iyqiuyz\yaogfsweflog.exe
- C:\iyqiuyz\rxcfuxzeyb.exe
- C:\iyqiuyz\fsk3taparplhmq3onzg.exe
- %WINDIR%\iyqiuyz\jhqteskvuy0
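- Note: the '#' characters mask part of each host name and query string in this report, so the network entries below are patterns, not exact-match indicators. The same word endings (angry, article, dried, fifteen) recur across the list, which suggests the names are generated from a word list; matching on that pattern and on the shared /index.php request path is likely to hold up better than a fixed domain list.
- 'or####rticle.net':80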
- 're####eangry.net':80
- 'le###rdried.net':80
- 're####earticle.net':80
- 'or####ifteen.net':80
- 're####edried.net':80
- 'or###angry.net':80
- 're####efifteen.net':80
- 'le####article.net':80
- 'he###nangry.net':80
- 'ge###edried.net':80
- 'he####article.net':80
- 'le####fifteen.net':80
- 'he###ndried.net':80
- 'le###rangry.net':80
- 'he####fifteen.net':80
- 'or###dried.net':80
- 'he###angry.net':80
- 'di####ultangry.net':80
- 'he####rticle.net':80
- 'di#####ltarticle.net':80
- 'he###dried.net':80
- 'di####ultdried.net':80
- 'he####ifteen.net':80
- 'di#####ltfifteen.net':80
- 'ne####aryangry.net':80
- 'pl####ntangry.net':80
- 'ne#####ryarticle.net':80
- 'pl####ntarticle.net':80
- 'ne####arydried.net':80
- 'pl####ntdried.net':80
- 'ne#####ryfifteen.net':80
- 'pl####ntfifteen.net':80
- http://or####rticle.net/index.php?me########
- http://re####eangry.net/index.php?me########
- http://le###rdried.net/index.php?me########
- http://re####earticle.net/index.php?me########
- http://or####ifteen.net/index.php?me########
- http://re####edried.net/index.php?me########
- http://or###angry.net/index.php?me########
- http://re####efifteen.net/index.php?me########
- http://le####article.net/index.php?me########
- http://he###nangry.net/index.php?me########
- http://ge###edried.net/index.php?me########
- http://he####article.net/index.php?me########
- http://le####fifteen.net/index.php?me########
- http://he###ndried.net/index.php?me########
- http://le###rangry.net/index.php?me########
- http://he####fifteen.net/index.php?me########
- http://or###dried.net/index.php?me########
- http://he###angry.net/index.php?me########
- http://di####ultangry.net/index.php?me########
- http://he####rticle.net/index.php?me########
- http://di#####ltarticle.net/index.php?me########
- http://he###dried.net/index.php?me########
- http://di####ultdried.net/index.php?me########
- http://he####ifteen.net/index.php?me########
- http://di#####ltfifteen.net/index.php?me########
- http://ne####aryangry.net/index.php?me########
- http://pl####ntangry.net/index.php?me########
- http://ne#####ryarticle.net/index.php?me########
- http://pl####ntarticle.net/index.php?me########
- http://ne####arydried.net/index.php?me########
- http://pl####ntdried.net/index.php?me########
- http://ne#####ryfifteen.net/index.php?me########
- http://pl####ntfifteen.net/index.php?me########
- DNS ASK or####rticle.net
- DNS ASK re####eangry.net
- DNS ASK le###rdried.net
- DNS ASK re####earticle.net
- DNS ASK or####ifteen.net
- DNS ASK re####edried.net
- DNS ASK or###angry.net
- DNS ASK re####efifteen.net
- DNS ASK he###ndried.net
- DNS ASK he####article.net
- DNS ASK le####article.net
- DNS ASK ge####fifteen.net
- DNS ASK ge###edried.net
- DNS ASK he####fifteen.net
- DNS ASK le####fifteen.net
- DNS ASK he###nangry.net
- DNS ASK le###rangry.net
- DNS ASK he###angry.net
- DNS ASK di####ultangry.net
- DNS ASK he####rticle.net
- DNS ASK di#####ltarticle.net
- DNS ASK he###dried.net
- DNS ASK di####ultdried.net
- DNS ASK he####ifteen.net
- DNS ASK di#####ltfifteen.net
- DNS ASK pl####ntdried.net
- DNS ASK pl####ntarticle.net
- DNS ASK ne####aryangry.net
- DNS ASK or###dried.net
- DNS ASK ne#####ryarticle.net
- DNS ASK pl####ntfifteen.net
- DNS ASK ne####arydried.net
- DNS ASK pl####ntangry.net
- DNS ASK ne#####ryfifteen.net
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd is the window class of the Windows taskbar)