Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Link Superfetch Net.Tcp Update' = 'C:\jxosifzzdtn\hipfwyxiirc.exe' (machine-wide Run value: the executable is started at every user logon)
- [<HKLM>\SYSTEM\ControlSet001\Services\Link-Layer DNS Time ActiveX Bus] 'ImagePath' = 'C:\jxosifzzdtn\hipfwyxiirc.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Link-Layer DNS Time ActiveX Bus] 'Start' = '00000002' (Start value 2 = automatic start: the service is launched during system startup)
- 'C:\jxosifzzdtn\gnuusqhxojp.exe' "c:\jxosifzzdtn\hipfwyxiirc.exe"
- 'C:\jxosifzzdtn\hipfwyxiirc.exe'
- 'C:\jxosifzzdtn\sclih2p4yxbufulipxjrgd.exe'
- C:\jxosifzzdtn\hipfwyxiirc.exe
- C:\jxosifzzdtn\gnuusqhxojp.exe
- C:\jxosifzzdtn\sclih2p4yxbufulipxjrgd.exe
- %WINDIR%\jxosifzzdtn\muby7wi
- C:\jxosifzzdtn\muby7wi
- C:\jxosifzzdtn\gnuusqhxojp.exe
- C:\jxosifzzdtn\hipfwyxiirc.exe
- C:\jxosifzzdtn\sclih2p4yxbufulipxjrgd.exe
- %WINDIR%\jxosifzzdtn\muby7wi
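- Note: the '#' characters in the host names below appear to mask part of each name and are not literal, so these entries are patterns rather than exact-match indicators.
- 'fr####roblem.net':80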
- 'ex#####nceproblem.net':80
- 'fr###animal.net':80
- 'ex#####nceanimal.net':80
- 'ge####manescape.net':80
- 'al####yescape.net':80
- 'fr###modern.net':80
- 'ex#####ncemodern.net':80
- 'ex#####nceescape.net':80
- 'fi####tranger.net':80
- 'pa####oodbye.net':80
- 'fi####dvance.net':80
- 'pa####tranger.net':80
- 'fi####ortieth.net':80
- 'fr###escape.net':80
- 'fi####oodbye.net':80
- 'pa####ortieth.net':80
- 'ge####mananimal.net':80
- 'fo####modern.net':80
- 'me####modern.net':80
- 'fo####problem.net':80
- 'me####problem.net':80
- 'be###animal.net':80
- 'kn###animal.net':80
- 'be###escape.net':80
- 'kn###escape.net':80
- 'me####animal.net':80
- 'al####yproblem.net':80
- 'ge####manmodern.net':80
- 'al####yanimal.net':80
- 'ge#####anproblem.net':80
- 'me####escape.net':80
- 'fo####animal.net':80
- 'al####ymodern.net':80
- 'fo####escape.net':80
- 'cr####dvance.net':80
- 'su####stranger.net':80
- 'kn####ortieth.net':80
- 'su####advance.net':80
- 'cr####oodbye.net':80
- 'su####fortieth.net':80
- 'cr####tranger.net':80
- 'su####goodbye.net':80
- 'be####ortieth.net':80
- 'be####dvance.net':80
- 'kn####dvance.net':80
- 'fo####fortieth.net':80
- 'me####fortieth.net':80
- 'be####oodbye.net':80
- 'kn####oodbye.net':80
- 'be####tranger.net':80
- 'kn####tranger.net':80
- 'cr####ortieth.net':80
- 'sm####tranger.net':80
- 'wo####oodbye.net':80
- 'sm####dvance.net':80
- 'wo####tranger.net':80
- 'sm####ortieth.net':80
- 'pa####dvance.net':80
- 'sm####oodbye.net':80
- 'wo####ortieth.net':80
- 'wo####dvance.net':80
- 'th####tstranger.net':80
- 'wa####tranger.net':80
- 'th####tadvance.net':80
- 'wa####dvance.net':80
- 'th####tfortieth.net':80
- 'wa####ortieth.net':80
- 'th####tgoodbye.net':80
- 'wa####oodbye.net':80
- http://fr####roblem.net/index.php
- http://ex#####nceproblem.net/index.php
- http://fr###animal.net/index.php
- http://ex#####nceanimal.net/index.php
- http://ge####manescape.net/index.php
- http://al####yescape.net/index.php
- http://fr###modern.net/index.php
- http://ex#####ncemodern.net/index.php
- http://ex#####nceescape.net/index.php
- http://fi####tranger.net/index.php
- http://pa####oodbye.net/index.php
- http://fi####dvance.net/index.php
- http://pa####tranger.net/index.php
- http://fi####ortieth.net/index.php
- http://fr###escape.net/index.php
- http://fi####oodbye.net/index.php
- http://pa####ortieth.net/index.php
- http://ge####mananimal.net/index.php
- http://fo####modern.net/index.php
- http://me####modern.net/index.php
- http://fo####problem.net/index.php
- http://me####problem.net/index.php
- http://be###animal.net/index.php
- http://kn###animal.net/index.php
- http://be###escape.net/index.php
- http://kn###escape.net/index.php
- http://me####animal.net/index.php
- http://al####yproblem.net/index.php
- http://ge####manmodern.net/index.php
- http://al####yanimal.net/index.php
- http://ge#####anproblem.net/index.php
- http://me####escape.net/index.php
- http://fo####animal.net/index.php
- http://al####ymodern.net/index.php
- http://fo####escape.net/index.php
- http://cr####dvance.net/index.php
- http://su####stranger.net/index.php
- http://kn####ortieth.net/index.php
- http://su####advance.net/index.php
- http://cr####oodbye.net/index.php
- http://su####fortieth.net/index.php
- http://cr####tranger.net/index.php
- http://su####goodbye.net/index.php
- http://be####ortieth.net/index.php
- http://be####dvance.net/index.php
- http://kn####dvance.net/index.php
- http://fo####fortieth.net/index.php
- http://me####fortieth.net/index.php
- http://be####oodbye.net/index.php
- http://kn####oodbye.net/index.php
- http://be####tranger.net/index.php
- http://kn####tranger.net/index.php
- http://cr####ortieth.net/index.php
- http://sm####tranger.net/index.php
- http://wo####oodbye.net/index.php
- http://sm####dvance.net/index.php
- http://wo####tranger.net/index.php
- http://sm####ortieth.net/index.php
- http://pa####dvance.net/index.php
- http://sm####oodbye.net/index.php
- http://wo####ortieth.net/index.php
- http://wo####dvance.net/index.php
- http://th####tstranger.net/index.php
- http://wa####tranger.net/index.php
- http://th####tadvance.net/index.php
- http://wa####dvance.net/index.php
- http://th####tfortieth.net/index.php
- http://wa####ortieth.net/index.php
- http://th####tgoodbye.net/index.php
- http://wa####oodbye.net/index.php
- DNS ASK ex#####nceproblem.net
- DNS ASK fr###modern.net
- DNS ASK ex#####nceanimal.net
- DNS ASK fr####roblem.net
- DNS ASK al####yescape.net
- DNS ASK ge####mananimal.net
- DNS ASK ex#####ncemodern.net
- DNS ASK ge####manescape.net
- DNS ASK fr###animal.net
- DNS ASK pa####oodbye.net
- DNS ASK fi####oodbye.net
- DNS ASK pa####tranger.net
- DNS ASK fi####tranger.net
- DNS ASK fr###escape.net
- DNS ASK ex#####nceescape.net
- DNS ASK pa####ortieth.net
- DNS ASK fi####ortieth.net
- DNS ASK al####yanimal.net
- DNS ASK me####modern.net
- DNS ASK be###escape.net
- DNS ASK me####problem.net
- DNS ASK fo####modern.net
- DNS ASK kn###animal.net
- DNS ASK be####roblem.net
- DNS ASK kn###escape.net
- DNS ASK be###animal.net
- DNS ASK fo####problem.net
- DNS ASK ge####manmodern.net
- DNS ASK al####ymodern.net
- DNS ASK ge#####anproblem.net
- DNS ASK al####yproblem.net
- DNS ASK fo####animal.net
- DNS ASK me####animal.net
- DNS ASK fo####escape.net
- DNS ASK me####escape.net
- DNS ASK fi####dvance.net
- DNS ASK cr####dvance.net
- DNS ASK su####stranger.net
- DNS ASK kn####ortieth.net
- DNS ASK su####advance.net
- DNS ASK cr####oodbye.net
- DNS ASK su####fortieth.net
- DNS ASK cr####tranger.net
- DNS ASK su####goodbye.net
- DNS ASK be####ortieth.net
- DNS ASK be####dvance.net
- DNS ASK kn####dvance.net
- DNS ASK fo####fortieth.net
- DNS ASK me####fortieth.net
- DNS ASK be####oodbye.net
- DNS ASK kn####oodbye.net
- DNS ASK be####tranger.net
- DNS ASK kn####tranger.net
- DNS ASK cr####ortieth.net
- DNS ASK sm####tranger.net
- DNS ASK wo####oodbye.net
- DNS ASK sm####dvance.net
- DNS ASK wo####tranger.net
- DNS ASK sm####ortieth.net
- DNS ASK pa####dvance.net
- DNS ASK sm####oodbye.net
- DNS ASK wo####ortieth.net
- DNS ASK wo####dvance.net
- DNS ASK th####tstranger.net
- DNS ASK wa####tranger.net
- DNS ASK th####tadvance.net
- DNS ASK wa####dvance.net
- DNS ASK th####tfortieth.net
- DNS ASK wa####ortieth.net
- DNS ASK th####tgoodbye.net
- DNS ASK wa####oodbye.net
- ClassName: 'Shell_TrayWnd' WindowName: ''