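Technical Information
Note: this listing carries no subsection headings, so for the file paths below it cannot be told from the page whether a file was created, modified or deleted. Host names are partially masked with '#'.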
Registry values (autostart persistence: a Run entry and a service whose 'Start' value 2 means automatic start at boot; both point at the same executable):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Proxy Detection Engine Logon Video Web' = 'C:\tdndeuejtaj\ztduugimmu.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Storage Store System Desktop Intelligent] 'ImagePath' = 'C:\tdndeuejtaj\ztduugimmu.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Storage Store System Desktop Intelligent] 'Start' = '00000002'
- 'C:\tdndeuejtaj\zrqsptsag.exe' "c:\tdndeuejtaj\ztduugimmu.exe"
- 'C:\tdndeuejtaj\ztduugimmu.exe'
- 'C:\tdndeuejtaj\pvf2gf5clhpprul.exe'
- C:\tdndeuejtaj\ztduugimmu.exe
- C:\tdndeuejtaj\zrqsptsag.exe
- C:\tdndeuejtaj\pvf2gf5clhpprul.exe
- %WINDIR%\tdndeuejtaj\rkxueb0j1j
- C:\tdndeuejtaj\rkxueb0j1j
- C:\tdndeuejtaj\zrqsptsag.exe
- C:\tdndeuejtaj\ztduugimmu.exe
- C:\tdndeuejtaj\pvf2gf5clhpprul.exe
- %WINDIR%\tdndeuejtaj\rkxueb0j1j
Connection targets, TCP port 80 (host names partially masked with '#'):
- 're###dstorm.net':80
- 'el####icstorm.net':80
- 're####training.net':80
- 'el#####ctraining.net':80
- 're####thrown.net':80
- 'tr###hunger.net':80
- 'st####training.net':80
- 'el####icthrown.net':80
- 'st####hunger.net':80
- 'el####ichunger.net':80
- 'la####raining.net':80
- 'ca####ntraining.net':80
- 'la###hunger.net':80
- 'ca####nhunger.net':80
- 'la###storm.net':80
- 'ca####nthrown.net':80
- 're####hunger.net':80
- 'ca####nstorm.net':80
- 'la###thrown.net':80
- 'tr####raining.net':80
- 'fl###hunger.net':80
- 'br###hunger.net':80
- 'be####thrown.net':80
- 'ga####thrown.net':80
- 'fl####raining.net':80
- 'br###storm.net':80
- 'fl###thrown.net':80
- 'br####raining.net':80
- 'fl###storm.net':80
- 'ga###rstorm.net':80
- 'st####thrown.net':80
- 'tr###thrown.net':80
- 'st###tstorm.net':80
- 'tr###storm.net':80
- 'be####hunger.net':80
- 'ga####training.net':80
- 'be###rstorm.net':80
- 'ga####hunger.net':80
- 'be####training.net':80
- 'br####uestion.net':80
- 'fl####herefore.net':80
- 'br###while.net':80
- 'fl####uestion.net':80
- 'br####herefore.net':80
- 'qu###while.net':80
- 'se###nwhile.net':80
- 'qu###school.net':80
- 'se####school.net':80
- 'fl###while.net':80
- 'ga###rwhile.net':80
- 'be####question.net':80
- 'ga####school.net':80
- 'be###rwhile.net':80
- 'ga####question.net':80
- 'fl###school.net':80
- 'br###school.net':80
- 'be####therefore.net':80
- 'ga####therefore.net':80
- 'qu####uestion.net':80
- 'de####hunger.net':80
- 'ni####raining.net':80
- 'do###thrown.net':80
- 'ni###hunger.net':80
- 'de####training.net':80
- 'ni###thrown.net':80
- 'de####thrown.net':80
- 'ni###storm.net':80
- 'de###estorm.net':80
- 'ag####tthrown.net':80
- 'se####therefore.net':80
- 'ag####thunger.net':80
- 'se####question.net':80
- 'qu####herefore.net':80
- 'do###hunger.net':80
- 'ag####tstorm.net':80
- 'do###storm.net':80
- 'ag####ttraining.net':80
- 'do####raining.net':80
HTTP requests (each one is for /index.php on one of the hosts listed above):
- http://re###dstorm.net/index.php
- http://el####icstorm.net/index.php
- http://re####training.net/index.php
- http://el#####ctraining.net/index.php
- http://re####thrown.net/index.php
- http://tr###hunger.net/index.php
- http://st####training.net/index.php
- http://el####icthrown.net/index.php
- http://st####hunger.net/index.php
- http://el####ichunger.net/index.php
- http://la####raining.net/index.php
- http://ca####ntraining.net/index.php
- http://la###hunger.net/index.php
- http://ca####nhunger.net/index.php
- http://la###storm.net/index.php
- http://ca####nthrown.net/index.php
- http://re####hunger.net/index.php
- http://ca####nstorm.net/index.php
- http://la###thrown.net/index.php
- http://tr####raining.net/index.php
- http://fl###hunger.net/index.php
- http://br###hunger.net/index.php
- http://be####thrown.net/index.php
- http://ga####thrown.net/index.php
- http://fl####raining.net/index.php
- http://br###storm.net/index.php
- http://fl###thrown.net/index.php
- http://br####raining.net/index.php
- http://fl###storm.net/index.php
- http://ga###rstorm.net/index.php
- http://st####thrown.net/index.php
- http://tr###thrown.net/index.php
- http://st###tstorm.net/index.php
- http://tr###storm.net/index.php
- http://be####hunger.net/index.php
- http://ga####training.net/index.php
- http://be###rstorm.net/index.php
- http://ga####hunger.net/index.php
- http://be####training.net/index.php
- http://br####uestion.net/index.php
- http://fl####herefore.net/index.php
- http://br###while.net/index.php
- http://fl####uestion.net/index.php
- http://br####herefore.net/index.php
- http://qu###while.net/index.php
- http://se###nwhile.net/index.php
- http://qu###school.net/index.php
- http://se####school.net/index.php
- http://fl###while.net/index.php
- http://ga###rwhile.net/index.php
- http://be####question.net/index.php
- http://ga####school.net/index.php
- http://be###rwhile.net/index.php
- http://ga####question.net/index.php
- http://fl###school.net/index.php
- http://br###school.net/index.php
- http://be####therefore.net/index.php
- http://ga####therefore.net/index.php
- http://qu####uestion.net/index.php
- http://de####hunger.net/index.php
- http://ni####raining.net/index.php
- http://do###thrown.net/index.php
- http://ni###hunger.net/index.php
- http://de####training.net/index.php
- http://ni###thrown.net/index.php
- http://de####thrown.net/index.php
- http://ni###storm.net/index.php
- http://de###estorm.net/index.php
- http://ag####tthrown.net/index.php
- http://se####therefore.net/index.php
- http://ag####thunger.net/index.php
- http://se####question.net/index.php
- http://qu####herefore.net/index.php
- http://do###hunger.net/index.php
- http://ag####tstorm.net/index.php
- http://do###storm.net/index.php
- http://ag####ttraining.net/index.php
- http://do####raining.net/index.php
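DNS queries (the names appear to be pairs of English words joined under .net, which suggests algorithmically generated domains; for detection, the naming pattern and the burst of lookups are likely more useful than the individual masked names):
- DNS ASK el####icstorm.net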
- DNS ASK re####thrown.net
- DNS ASK el#####ctraining.net
- DNS ASK re###dstorm.net
- DNS ASK el####icthrown.net
- DNS ASK st####training.net
- DNS ASK tr####raining.net
- DNS ASK st####hunger.net
- DNS ASK tr###hunger.net
- DNS ASK re####training.net
- DNS ASK ca####ntraining.net
- DNS ASK la###storm.net
- DNS ASK ca####nhunger.net
- DNS ASK la####raining.net
- DNS ASK ca####nstorm.net
- DNS ASK re####hunger.net
- DNS ASK el####ichunger.net
- DNS ASK la###thrown.net
- DNS ASK ca####nthrown.net
- DNS ASK st###tstorm.net
- DNS ASK br###hunger.net
- DNS ASK fl####raining.net
- DNS ASK ga####thrown.net
- DNS ASK fl###hunger.net
- DNS ASK br####raining.net
- DNS ASK fl###thrown.net
- DNS ASK br###thrown.net
- DNS ASK fl###storm.net
- DNS ASK br###storm.net
- DNS ASK be####thrown.net
- DNS ASK tr###thrown.net
- DNS ASK be####hunger.net
- DNS ASK tr###storm.net
- DNS ASK st####thrown.net
- DNS ASK ga####hunger.net
- DNS ASK be###rstorm.net
- DNS ASK ga###rstorm.net
- DNS ASK be####training.net
- DNS ASK ga####training.net
- DNS ASK la###hunger.net
- DNS ASK br####uestion.net
- DNS ASK fl####herefore.net
- DNS ASK br###while.net
- DNS ASK fl####uestion.net
- DNS ASK br####herefore.net
- DNS ASK qu###while.net
- DNS ASK se###nwhile.net
- DNS ASK qu###school.net
- DNS ASK se####school.net
- DNS ASK fl###while.net
- DNS ASK ga###rwhile.net
- DNS ASK be####question.net
- DNS ASK ga####school.net
- DNS ASK be###rwhile.net
- DNS ASK ga####question.net
- DNS ASK fl###school.net
- DNS ASK br###school.net
- DNS ASK be####therefore.net
- DNS ASK ga####therefore.net
- DNS ASK qu####uestion.net
- DNS ASK de####hunger.net
- DNS ASK ni####raining.net
- DNS ASK do###thrown.net
- DNS ASK ni###hunger.net
- DNS ASK de####training.net
- DNS ASK ni###thrown.net
- DNS ASK de####thrown.net
- DNS ASK ni###storm.net
- DNS ASK de###estorm.net
- DNS ASK ag####tthrown.net
- DNS ASK se####therefore.net
- DNS ASK ag####thunger.net
- DNS ASK se####question.net
- DNS ASK qu####herefore.net
- DNS ASK do###hunger.net
- DNS ASK ag####tstorm.net
- DNS ASK do###storm.net
- DNS ASK ag####ttraining.net
- DNS ASK do####raining.net
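Window referenced by class name (Shell_TrayWnd is the class of the Windows taskbar; presumably the sample looks this window up):
- ClassName: 'Shell_TrayWnd' WindowName: ''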