Technical Information
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\Beholder[3]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\hookDll[2].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\MSDOS[3].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\Beholder[3]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\hookDll[3].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\MSDOS[2].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\Beholder[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\hookDll[2].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\MSDOS[2].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\Beholder[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\MSDOS[3].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\hookDll[3].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\MSDOS[3].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\Beholder[4]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\hookDll[4].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\MSDOS[4].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\Beholder[3]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\hookDll[3].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\MSDOS[3].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\Beholder[3]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\hookDll[3].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\Beholder[1]
- <SYSTEM32>\hookDll.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\MSDOS[1].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\Beholder[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\hookDll[1].dll
- <SYSTEM32>\Beholder.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\Beholder[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\MSDOS[1].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\hookDll[1].dll
- <SYSTEM32>\MSDOS.pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\MSDOS[1].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\hookDll[2].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\MSDOS[2].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\Beholder[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\hookDll[2].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\MSDOS[2].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\Beholder[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\hookDll[1].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\MSDOS[1].pif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\Beholder[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\hookDll[1].dll
- <SYSTEM32>\hookDll.dll
- <SYSTEM32>\Beholder.exe
- <SYSTEM32>\MSDOS.pif
- 'we####me3.smtp.ru':80
- 'we####me5.smtp.ru':80
- 'we####me4.smtp.ru':80
- 'we####me1.smtp.ru':80
- 'kl###l.land.ru':80
- 'kl####.hotbox.ru':80
- 'kl###l.qipim.ru':80
- 'kl####.hotmail.ru':80
- 'we####me2.smtp.ru':80
- 'localhost':1034
- 'kl####.fromru.su':80
- 'kl####.pochta.ru':80
- 'kl###l.front.ru':80
- 'kl####.krovatka.su':80
- we####me3.smtp.ru/hookDll.dll
- we####me3.smtp.ru/MSDOS.pif
- we####me1.smtp.ru/MSDOS.pif
- we####me1.smtp.ru/Beholder
- we####me3.smtp.ru/Beholder
- we####me5.smtp.ru/Beholder
- we####me4.smtp.ru/hookDll.dll
- we####me5.smtp.ru/hookDll.dll
- we####me5.smtp.ru/MSDOS.pif
- we####me1.smtp.ru/hookDll.dll
- kl###l.land.ru/Beholder
- kl####.hotbox.ru/hookDll.dll
- kl###l.land.ru/hookDll.dll
- kl###l.land.ru/MSDOS.pif
- kl####.hotbox.ru/MSDOS.pif
- kl###l.qipim.ru/MSDOS.pif
- kl###l.qipim.ru/Beholder
- kl####.hotbox.ru/Beholder
- kl###l.qipim.ru/hookDll.dll
- we####me4.smtp.ru/MSDOS.pif
- kl####.fromru.su/Beholder
- kl####.hotmail.ru/hookDll.dll
- kl####.fromru.su/hookDll.dll
- kl####.fromru.su/MSDOS.pif
- kl####.hotmail.ru/MSDOS.pif
- we####me2.smtp.ru/MSDOS.pif
- we####me2.smtp.ru/Beholder
- kl####.hotmail.ru/Beholder
- we####me2.smtp.ru/hookDll.dll
- kl####.krovatka.su/Beholder
- kl####.pochta.ru/MSDOS.pif
- kl####.pochta.ru/Beholder
- we####me4.smtp.ru/Beholder
- kl####.pochta.ru/hookDll.dll
- kl###l.front.ru/hookDll.dll
- kl####.krovatka.su/hookDll.dll
- kl####.krovatka.su/MSDOS.pif
- kl###l.front.ru/MSDOS.pif
- kl###l.front.ru/Beholder
- DNS ASK we####me1.smtp.ru
- DNS ASK we####me3.smtp.ru
- DNS ASK we####me5.smtp.ru
- DNS ASK kl###l.land.ru
- DNS ASK kl####.hotbox.ru
- DNS ASK kl###l.qipim.ru
- DNS ASK we####me4.smtp.ru
- DNS ASK kl####.fromru.su
- DNS ASK kl####.hotmail.ru
- DNS ASK we####me2.smtp.ru
- DNS ASK kl####.pochta.ru
- DNS ASK kl###l.front.ru
- DNS ASK kl####.krovatka.su