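Technical Information
Note: the '#' characters in the host names, URLs and IP address below stand in for characters that are not shown, so these entries are partial indicators and cannot be matched literally against logs or blocklists.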
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Detection TPM Function Link-Layer' = '<SYSTEM32>\pdmagduhjj.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\pdmagduhjj.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\Control TPM Window Tablet Error Health] 'Start' = '00000002' (a service 'Start' value of 2 means the service is started automatically at boot)
- Windows Security Center
- '<SYSTEM32>\ydffbeju.exe' "<SYSTEM32>\pdmagduhjj.exe"
- '%WINDIR%\Temp\lyyqvtg38rzwa.exe' -r 44709 tcp
- '%TEMP%\lyyqvtg32iqwrlepqvgf.exe'
- '<SYSTEM32>\pdmagduhjj.exe'
- <SYSTEM32>\sicmnpjbbkn\run
- <SYSTEM32>\sicmnpjbbkn\rng
- %WINDIR%\Temp\lyyqvtg38rzwa.exe
- <SYSTEM32>\sicmnpjbbkn\cfg
- <SYSTEM32>\ydffbeju.exe
- %TEMP%\lyyqvtg32iqwrlepqvgf.exe
- <SYSTEM32>\sicmnpjbbkn\tst
- <SYSTEM32>\pdmagduhjj.exe
- <SYSTEM32>\sicmnpjbbkn\etc
- <SYSTEM32>\ydffbeju.exe
- <SYSTEM32>\pdmagduhjj.exe
- %WINDIR%\Temp\lyyqvtg38rzwa.exe
- <DRIVERS>\etc\hosts
- %TEMP%\lyyqvtg32iqwrlepqvgf.exe
- 'le####housand.net':80
- 'se####housand.net':80
- 'se###loud.net':80
- 'se###tree.net':80
- 'le###loud.net':80
- 'le####aturday.net':80
- 'fi###oud.net':80
- 'pl###loud.net':80
- 'pl###tree.net':80
- 'se####aturday.net':80
- 'fi###ree.net':80
- 'le###tree.net':80
- 'fa###ree.net':80
- 'to###ree.net':80
- 'we####turday.net':80
- 'we####ousand.net':80
- 've####turday.net':80
- 'fa###oud.net':80
- 'fa####turday.net':80
- 'to####turday.net':80
- 'to####ousand.net':80
- 'to###oud.net':80
- 'fa####ousand.net':80
- 'fi####ousand.net':80
- 'yo####ousand.net':80
- 'tr####housand.net':80
- 'tr###loud.net':80
- 'tr###tree.net':80
- 'yo###oud.net':80
- 'yo####turday.net':80
- 'el#####arimagine.com':80
- 'do####club-grup.com':80
- 'ja###uter.com':80
- 'tr####aturday.net':80
- 'go#####everytime.com':80
- 'yo###ree.net':80
- 'vi###ree.net':80
- 'lr###tree.net':80
- 'pl####aturday.net':80
- 'pl####housand.net':80
- 'fi####turday.net':80
- 'vi###oud.net':80
- 'vi####turday.net':80
- 'lr####aturday.net':80
- 'lr####housand.net':80
- 'lr###loud.net':80
- 'vi####ousand.net':80
- http://le####housand.net/forum/search.php?me#########################################
- http://se####housand.net/forum/search.php?me#########################################
- http://se###loud.net/forum/search.php?me#########################################
- http://se###tree.net/forum/search.php?me#########################################
- http://le###loud.net/forum/search.php?me#########################################
- http://le####aturday.net/forum/search.php?me#########################################
- http://fi###oud.net/forum/search.php?me#########################################
- http://pl###loud.net/forum/search.php?me#########################################
- http://pl###tree.net/forum/search.php?me#########################################
- http://se####aturday.net/forum/search.php?me#########################################
- http://fi###ree.net/forum/search.php?me#########################################
- http://le###tree.net/forum/search.php?me#########################################
- http://fa###ree.net/forum/search.php?me#########################################
- http://to###ree.net/forum/search.php?me#########################################
- http://we####turday.net/forum/search.php?me#########################################
- http://we####ousand.net/forum/search.php?me#########################################
- http://ve####turday.net/forum/search.php?me#########################################
- http://fa###oud.net/forum/search.php?me#########################################
- http://fa####turday.net/forum/search.php?me#########################################
- http://to####turday.net/forum/search.php?me#########################################
- http://to####ousand.net/forum/search.php?me#########################################
- http://to###oud.net/forum/search.php?me#########################################
- http://fa####ousand.net/forum/search.php?me#########################################
- http://fi####ousand.net/forum/search.php?me#########################################
- http://yo####ousand.net/forum/search.php?me#########################################
- http://tr####housand.net/forum/search.php?me#########################################
- http://tr###loud.net/forum/search.php?me#########################################
- http://tr###tree.net/forum/search.php?me#########################################
- http://yo###oud.net/forum/search.php?me#########################################
- http://yo####turday.net/forum/search.php?me#########################################
- http://el#####arimagine.com/forum/search.php?me#########################################
- http://do####club-grup.com/forum/search.php?me#########################################
- http://ja###uter.com/forum/search.php?me#########################################
- http://tr####aturday.net/forum/search.php?me#########################################
- http://go#####everytime.com/forum/search.php?me#########################################
- http://yo###ree.net/forum/search.php?me#########################################
- http://vi###ree.net/forum/search.php?me#########################################
- http://lr###tree.net/forum/search.php?me#########################################
- http://pl####aturday.net/forum/search.php?me#########################################
- http://pl####housand.net/forum/search.php?me#########################################
- http://fi####turday.net/forum/search.php?me#########################################
- http://vi###oud.net/forum/search.php?me#########################################
- http://vi####turday.net/forum/search.php?me#########################################
- http://lr####aturday.net/forum/search.php?me#########################################
- http://lr####housand.net/forum/search.php?me#########################################
- http://lr###loud.net/forum/search.php?me#########################################
- http://vi####ousand.net/forum/search.php?me#########################################
- DNS ASK le####housand.net
- DNS ASK se####housand.net
- DNS ASK le####aturday.net
- DNS ASK se###tree.net
- DNS ASK le###loud.net
- DNS ASK se###loud.net
- DNS ASK fi###oud.net
- DNS ASK pl###loud.net
- DNS ASK ve####ousand.net
- DNS ASK se####aturday.net
- DNS ASK fi###ree.net
- DNS ASK pl###tree.net
- DNS ASK fa###ree.net
- DNS ASK to###ree.net
- DNS ASK fa###oud.net
- DNS ASK we####ousand.net
- DNS ASK ve####turday.net
- DNS ASK we####turday.net
- DNS ASK fa####turday.net
- DNS ASK to####turday.net
- DNS ASK le###tree.net
- DNS ASK to###oud.net
- DNS ASK fa####ousand.net
- DNS ASK to####ousand.net
- DNS ASK yo####ousand.net
- DNS ASK tr####housand.net
- DNS ASK yo####turday.net
- DNS ASK tr###tree.net
- DNS ASK yo###oud.net
- DNS ASK tr###loud.net
- DNS ASK el#####arimagine.com
- DNS ASK do####club-grup.com
- DNS ASK fi####ousand.net
- DNS ASK tr####aturday.net
- DNS ASK go#####everytime.com
- DNS ASK ja###uter.com
- DNS ASK vi###ree.net
- DNS ASK lr###tree.net
- DNS ASK vi###oud.net
- DNS ASK pl####housand.net
- DNS ASK fi####turday.net
- DNS ASK pl####aturday.net
- DNS ASK vi####turday.net
- DNS ASK lr####aturday.net
- DNS ASK yo###ree.net
- DNS ASK lr###loud.net
- DNS ASK vi####ousand.net
- DNS ASK lr####housand.net
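- '23#.#55.255.250':1900 (port 1900 and the visible octets are consistent with the SSDP/UPnP multicast address 239.255.255.250, i.e. local network discovery rather than a remote server; the masked digits prevent confirming this)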