Technical Information
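Autorun persistence (a value under the machine-wide Run key, so the executable is started at every user logon):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'vkkrudug' = '"%ALLUSERSPROFILE%\application data\microsoft\wwuozr\wwuozr.exe"'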
- <Auxiliary element>
- %ALLUSERSPROFILE%\Application Data\Microsoft\wwuozr\wwuozr.exe
- <SYSTEM32>\ping.exe -n 10 localhost
- %WINDIR%\Explorer.EXE
- %ALLUSERSPROFILE%\Application Data\Microsoft\wwuozr\wwuo.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\fhahqfpmju[1]
- %ALLUSERSPROFILE%\Application Data\Microsoft\wwuozr\wwuoz.dll
- %ALLUSERSPROFILE%\Application Data\Microsoft\wwuozr\wwuozr.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\wwuozr\wwuozr.dll
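Network endpoints (host:port). The '#' characters in the host names here and in the URL and DNS entries below appear to be masking applied by the report, not literal characters, so these strings cannot be used as exact-match indicators as printed:
- 'www.ip###ress.com':80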
- 'www.ip####essworld.com':80
- 'fh#####mju.localdomain':80
- 'go###nt.co.in':80
- 'localhost':1037
- www.ip####essworld.com/
- www.ip###ress.com/
- fh#####mju.localdomain/
- go###nt.co.in/5
- DNS ASK www.ip####essworld.com
- DNS ASK 25#.###.#55.255.in-addr.arpa
- DNS ASK www.ip###ress.com
- DNS ASK go###nt.co.in
- DNS ASK fh#####mju.localdomain
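Window class and window names. Most entries share the prefix 'wwuozr%USERNAME%' followed by a number that differs from entry to entry, so only the prefix is stable across them:
- ClassName: 'wwuozr%USERNAME%2084' WindowName: 'wwuozr%USERNAME%2084'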
- ClassName: 'wwuozr%USERNAME%2092' WindowName: 'wwuozr%USERNAME%2092'
- ClassName: 'wwuozr%USERNAME%2100' WindowName: 'wwuozr%USERNAME%2100'
- ClassName: 'wwuozr%USERNAME%2076' WindowName: 'wwuozr%USERNAME%2076'
- ClassName: 'wwuozr%USERNAME%2052' WindowName: 'wwuozr%USERNAME%2052'
- ClassName: 'wwuozr%USERNAME%2060' WindowName: 'wwuozr%USERNAME%2060'
- ClassName: 'wwuozr%USERNAME%2068' WindowName: 'wwuozr%USERNAME%2068'
- ClassName: 'wwuozr%USERNAME%2140' WindowName: 'wwuozr%USERNAME%2140'
- ClassName: 'wwuozr%USERNAME%2148' WindowName: 'wwuozr%USERNAME%2148'
- ClassName: 'wwuozr%USERNAME%2156' WindowName: 'wwuozr%USERNAME%2156'
- ClassName: 'wwuozr%USERNAME%2132' WindowName: 'wwuozr%USERNAME%2132'
- ClassName: 'wwuozr%USERNAME%2108' WindowName: 'wwuozr%USERNAME%2108'
- ClassName: 'wwuozr%USERNAME%2116' WindowName: 'wwuozr%USERNAME%2116'
- ClassName: 'wwuozr%USERNAME%2124' WindowName: 'wwuozr%USERNAME%2124'
- ClassName: 'wwuozr%USERNAME%1892' WindowName: 'wwuozr%USERNAME%1892'
- ClassName: 'wwuozr%USERNAME%1840' WindowName: 'wwuozr%USERNAME%1840'
- ClassName: 'wwuozr%USERNAME%1924' WindowName: 'wwuozr%USERNAME%1924'
- ClassName: 'wwuozr%USERNAME%1880' WindowName: 'wwuozr%USERNAME%1880'
- ClassName: 'wwuozr%USERNAME%1856' WindowName: 'wwuozr%USERNAME%1856'
- ClassName: 'wwuozr%USERNAME%1860' WindowName: 'wwuozr%USERNAME%1860'
- ClassName: 'wwuozr%USERNAME%1872' WindowName: 'wwuozr%USERNAME%1872'
- ClassName: 'wwuozr%USERNAME%2012' WindowName: 'wwuozr%USERNAME%2012'
- ClassName: 'wwuozr%USERNAME%2032' WindowName: 'wwuozr%USERNAME%2032'
- ClassName: 'wwuozr%USERNAME%2040' WindowName: 'wwuozr%USERNAME%2040'
- ClassName: 'wwuozr%USERNAME%1920' WindowName: 'wwuozr%USERNAME%1920'
- ClassName: 'wwuozr%USERNAME%1904' WindowName: 'wwuozr%USERNAME%1904'
- ClassName: 'wwuozr%USERNAME%1896' WindowName: 'wwuozr%USERNAME%1896'
- ClassName: 'wwuozr%USERNAME%1812' WindowName: 'wwuozr%USERNAME%1812'
- ClassName: 'wwuozr%USERNAME%2308' WindowName: 'wwuozr%USERNAME%2308'
- ClassName: 'wwuozr%USERNAME%2316' WindowName: 'wwuozr%USERNAME%2316'
- ClassName: 'wwuozr%USERNAME%2324' WindowName: 'wwuozr%USERNAME%2324'
- ClassName: 'wwuozr%USERNAME%2300' WindowName: 'wwuozr%USERNAME%2300'
- ClassName: 'wwuozr%USERNAME%2276' WindowName: 'wwuozr%USERNAME%2276'
- ClassName: 'wwuozr%USERNAME%2284' WindowName: 'wwuozr%USERNAME%2284'
- ClassName: 'wwuozr%USERNAME%2292' WindowName: 'wwuozr%USERNAME%2292'
- ClassName: 'wwuozr%USERNAME%2700' WindowName: 'wwuozr%USERNAME%2700'
- ClassName: 'wwuozr%USERNAME%2712' WindowName: 'wwuozr%USERNAME%2712'
- ClassName: 'wwuozr%USERNAME%2820' WindowName: 'wwuozr%USERNAME%2820'
- ClassName: 'wwuozr%USERNAME%2408' WindowName: 'wwuozr%USERNAME%2408'
- ClassName: 'wwuozr%USERNAME%2332' WindowName: 'wwuozr%USERNAME%2332'
- ClassName: 'wwuozr%USERNAME%2340' WindowName: 'wwuozr%USERNAME%2340'
- ClassName: 'wwuozr%USERNAME%2348' WindowName: 'wwuozr%USERNAME%2348'
- ClassName: 'wwuozr%USERNAME%2196' WindowName: 'wwuozr%USERNAME%2196'
- ClassName: 'wwuozr%USERNAME%2204' WindowName: 'wwuozr%USERNAME%2204'
- ClassName: 'wwuozr%USERNAME%2212' WindowName: 'wwuozr%USERNAME%2212'
- ClassName: 'wwuozr%USERNAME%2188' WindowName: 'wwuozr%USERNAME%2188'
- ClassName: 'wwuozr%USERNAME%2164' WindowName: 'wwuozr%USERNAME%2164'
- ClassName: 'wwuozr%USERNAME%2172' WindowName: 'wwuozr%USERNAME%2172'
- ClassName: 'wwuozr%USERNAME%2180' WindowName: 'wwuozr%USERNAME%2180'
- ClassName: 'wwuozr%USERNAME%2252' WindowName: 'wwuozr%USERNAME%2252'
- ClassName: 'wwuozr%USERNAME%2260' WindowName: 'wwuozr%USERNAME%2260'
- ClassName: 'wwuozr%USERNAME%2268' WindowName: 'wwuozr%USERNAME%2268'
- ClassName: 'wwuozr%USERNAME%2244' WindowName: 'wwuozr%USERNAME%2244'
- ClassName: 'wwuozr%USERNAME%2220' WindowName: 'wwuozr%USERNAME%2220'
- ClassName: 'wwuozr%USERNAME%2228' WindowName: 'wwuozr%USERNAME%2228'
- ClassName: 'wwuozr%USERNAME%2236' WindowName: 'wwuozr%USERNAME%2236'
- ClassName: 'wwuozr%USERNAME%1844' WindowName: 'wwuozr%USERNAME%1844'
- ClassName: 'wwuozr%USERNAME%1644' WindowName: 'wwuozr%USERNAME%1644'
- ClassName: 'wwuozr%USERNAME%908' WindowName: 'wwuozr%USERNAME%908'
- ClassName: 'wwuozr%USERNAME%1308' WindowName: 'wwuozr%USERNAME%1308'
- ClassName: 'wwuozr%USERNAME%1572' WindowName: 'wwuozr%USERNAME%1572'
- ClassName: 'wwuozr%USERNAME%1148' WindowName: 'wwuozr%USERNAME%1148'
- ClassName: 'wwuozr%USERNAME%1252' WindowName: 'wwuozr%USERNAME%1252'
- ClassName: 'wwuozr%USERNAME%1368' WindowName: 'wwuozr%USERNAME%1368'
- ClassName: 'wwuozr%USERNAME%1416' WindowName: 'wwuozr%USERNAME%1416'
- ClassName: 'wwuozr%USERNAME%1424' WindowName: 'wwuozr%USERNAME%1424'
- ClassName: 'wwuozr%USERNAME%1188' WindowName: 'wwuozr%USERNAME%1188'
- ClassName: 'wwuozr%USERNAME%328' WindowName: 'wwuozr%USERNAME%328'
- ClassName: 'wwuozr%USERNAME%1264' WindowName: 'wwuozr%USERNAME%1264'
- ClassName: 'wwuozr%USERNAME%1360' WindowName: 'wwuozr%USERNAME%1360'
- ClassName: 'wwuozr%USERNAME%1388' WindowName: 'wwuozr%USERNAME%1388'
- ClassName: 'wwuozr%USERNAME%0' WindowName: 'wwuozr%USERNAME%0'
- ClassName: 'wwuozr%USERNAME%4' WindowName: 'wwuozr%USERNAME%4'
- ClassName: 'wwuozr%USERNAME%524' WindowName: 'wwuozr%USERNAME%524'
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'wwuozr%USERNAME%884' WindowName: 'wwuozr%USERNAME%884'
- ClassName: 'wwuozr%USERNAME%944' WindowName: 'wwuozr%USERNAME%944'
- ClassName: 'wwuozr%USERNAME%1128' WindowName: 'wwuozr%USERNAME%1128'
- ClassName: 'wwuozr%USERNAME%668' WindowName: 'wwuozr%USERNAME%668'
- ClassName: 'wwuozr%USERNAME%588' WindowName: 'wwuozr%USERNAME%588'
- ClassName: 'wwuozr%USERNAME%612' WindowName: 'wwuozr%USERNAME%612'
- ClassName: 'wwuozr%USERNAME%656' WindowName: 'wwuozr%USERNAME%656'
- ClassName: 'wwuozr%USERNAME%1628' WindowName: 'wwuozr%USERNAME%1628'
- ClassName: 'wwuozr%USERNAME%1640' WindowName: 'wwuozr%USERNAME%1640'
- ClassName: 'wwuozr%USERNAME%1664' WindowName: 'wwuozr%USERNAME%1664'
- ClassName: 'wwuozr%USERNAME%848' WindowName: 'wwuozr%USERNAME%848'
- ClassName: 'wwuozr%USERNAME%1516' WindowName: 'wwuozr%USERNAME%1516'
- ClassName: 'wwuozr%USERNAME%880' WindowName: 'wwuozr%USERNAME%880'
- ClassName: 'wwuozr%USERNAME%860' WindowName: 'wwuozr%USERNAME%860'
- ClassName: 'wwuozr%USERNAME%1728' WindowName: 'wwuozr%USERNAME%1728'
- ClassName: 'wwuozr%USERNAME%1736' WindowName: 'wwuozr%USERNAME%1736'
- ClassName: 'wwuozr%USERNAME%1404' WindowName: 'wwuozr%USERNAME%1404'
- ClassName: 'wwuozr%USERNAME%872' WindowName: 'wwuozr%USERNAME%872'
- ClassName: 'wwuozr%USERNAME%1696' WindowName: 'wwuozr%USERNAME%1696'
- ClassName: 'wwuozr%USERNAME%1704' WindowName: 'wwuozr%USERNAME%1704'
- ClassName: 'wwuozr%USERNAME%1712' WindowName: 'wwuozr%USERNAME%1712'
- ClassName: 'wwuozr%USERNAME%1468' WindowName: 'wwuozr%USERNAME%1468'
- ClassName: 'wwuozr%USERNAME%1452' WindowName: 'wwuozr%USERNAME%1452'
- ClassName: 'wwuozr%USERNAME%1456' WindowName: 'wwuozr%USERNAME%1456'
- ClassName: 'wwuozr%USERNAME%1464' WindowName: 'wwuozr%USERNAME%1464'
- ClassName: 'wwuozr%USERNAME%864' WindowName: 'wwuozr%USERNAME%864'
- ClassName: 'wwuozr%USERNAME%876' WindowName: 'wwuozr%USERNAME%876'
- ClassName: 'wwuozr%USERNAME%1440' WindowName: 'wwuozr%USERNAME%1440'
- ClassName: 'wwuozr%USERNAME%1536' WindowName: 'wwuozr%USERNAME%1536'
- ClassName: 'wwuozr%USERNAME%1564' WindowName: 'wwuozr%USERNAME%1564'
- ClassName: 'wwuozr%USERNAME%1612' WindowName: 'wwuozr%USERNAME%1612'
- ClassName: 'wwuozr%USERNAME%1524' WindowName: 'wwuozr%USERNAME%1524'
- ClassName: 'wwuozr%USERNAME%1500' WindowName: 'wwuozr%USERNAME%1500'
- ClassName: 'wwuozr%USERNAME%1460' WindowName: 'wwuozr%USERNAME%1460'
- ClassName: 'wwuozr%USERNAME%1512' WindowName: 'wwuozr%USERNAME%1512'