Technical Information
Malicious functions:
Creates and executes the following:
- '%TEMP%\temp553372410.exe'
- '%TEMP%\temp553372410.exe' (downloaded from the Internet)
Executes the following:
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE'
Modifies file system:
Creates the following files:
- %TEMP%\temp553372410.exe
Network activity:
Connects to:
- '71.##.82.160':80
TCP:
HTTP GET requests:
- http://71.##.82.160/mgptfdo.exe