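Technical Information
Notation: names in angle brackets (<HKCU>, <HKLM>, <LS_APPDATA>, <SYSTEM32>) are the report's placeholders for registry hives and system folders; '#' in an address or URL appears to mark a character masked in the report, so those entries are not complete indicators.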
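- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = '<LS_APPDATA>\a72a1ac3\X' (a per-user Winlogon 'Shell' value replaces the program started as the shell at that user's logon; the value is normally absent under <HKCU>, so its presence is worth checking)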
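- [<HKLM>\SYSTEM\ControlSet001\Services\a72a1ac3] 'ImagePath' = '%WINDIR%\3273271975:1490412860.exe' (the colon is NTFS alternate-data-stream syntax: the service image is the stream '1490412860.exe' attached to the file %WINDIR%\3273271975, which a plain directory listing does not show; `dir /r` lists streams)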
- [<HKLM>\SYSTEM\ControlSet001\Services\.afd] 'ImagePath' = '\?'
- <LS_APPDATA>\a72a1ac3\X
- %WINDIR%\explorer.exe
- <SYSTEM32>\winlogon.exe
- %WINDIR%\Explorer.EXE
- %WINDIR%\3273271975:1490412860.exe
- %WINDIR%\$NtUninstallKB16918$\2804554435\L\acbrwqkz
- <LS_APPDATA>\a72a1ac3\@
- <LS_APPDATA>\a72a1ac3\X
- '92.##.135.67':21810
- '69.##4.62.163':21810
- '11#.#54.22.165':21810
- '15#.#2.164.68':21810
- '78.##.33.214':21810
- '18#.#05.243.10':21810
- '11#.#93.103.65':21810
- '91.##7.103.162':21810
- '17#.#06.199.247':21810
- '2.###.87.247':21810
- '10#.#01.252.177':21810
- '11#.#17.151.211':21810
- '89.##.124.239':21810
- '61.#0.56.70':21810
- '11#.#19.172.5':21810
- '82.##2.61.75':21810
- '89.##.205.148':21810
- '19#.#13.81.11':21810
- '46.##7.178.143':21810
- '11#.#27.122.135':21810
- '17#.#6.196.61':21810
- '86.##.85.221':21810
- '11#.#02.90.18':21810
- '18#.#7.105.150':21810
- '12#.#50.102.128':21810
- '89.#7.54.19':21810
- '19#.#2.102.125':21810
- '12#.#38.142.126':21810
- '12#.#38.125.146':21810
- '12#.#41.107.184':21810
- '18#.#33.138.12':21810
- '11#.#10.192.13':21810
- '12#.#95.169.3':21810
- '19#.#21.54.104':21810
- '76.##1.142.241':21810
- '90.##1.222.244':21810
- '17#.#23.134.89':21810
- '89.#78.34.3':21810
- '11#.#42.148.81':21810
- '21#.#2.55.86':21810
- '46.##8.149.109':21810
- '19#.#7.201.8':21810
- '94.##3.197.11':21810
- '18#.#37.4.235':21810
- '11#.#93.48.1':21810
- '89.##3.15.241':21810
- '17#.#48.132.8':21810
- '46.##1.202.238':21810
- '18#.#15.73.42':21810
- '13#.#12.207.104':21810
- '21#.#33.198.29':21810
- '18#.#27.96.249':21810
- '79.#27.56.4':21810
- '89.##.227.76':21810
- '18#.#07.203.171':21810
- '20#.#7.117.26':21810
- '10#.#7.0.173':21810
- '11#.#42.72.101':21810
- '17#.#76.23.98':21810
- '79.##2.176.168':21810
- '11#.#84.21.40':21810
- '96.##.193.178':21810
- '88.##5.93.180':21810
- '18#.#5.143.39':21810
- '59.#2.4.18':21810
- '11#.#6.211.56':21810
- '19#.#4.49.155':21810
- '31.##0.10.55':21810
- '16#.#16.62.231':21810
- '46.##9.104.130':21810
- '17#.#.151.59':21810
- '18#.#4.4.135':21810
- '11#.#30.187.168':21810
- '79.##9.127.168':21810
- '93.##5.241.205':21810
- '76.##2.179.176':21810
- '12#.#23.128.51':21810
- '19#.#04.180.225':21810
- '11#.11.9.48':21810
- '18#.#22.249.156':21810
- '46.##1.217.112':21810
- '11#.#01.17.77':21810
- '89.##.149.244':21810
- '18#.#32.142.75':21810
- '21#.#63.0.252':21810
- '93.##5.26.95':21810
- '10#.#85.189.102':21810
- '88.##2.214.250':21810
- '18#.#33.139.64':21810
- '14.##.206.116':21810
- '12#.#20.163.63':21810
- '94.##.137.235':21810
- '15#.#9.141.113':21810
- '19#.#6.239.240':21810
- '94.##0.194.70':21810
- '20#.#6.232.5':21810
- '31.##6.233.95':21810
- '70.##4.86.41':21810
- '77.##2.166.46':21810
- '18#.#10.23.104':21810
- '95.##.112.90':21810
- '61.##.140.30':21810
- '95.##.129.26':21810
- '11#.#2.94.84':21810
- '21#.#04.115.238':21810
- '21#.#8.187.115':21810
- '88.##5.196.237':21810
- '46.##1.5.125':21810
- '95.##.130.22':21810
- '11#.#5.139.78':21810
- '22#.#45.54.108':21810
- '24.#42.9.78':21810
- '19#.#00.57.192':21810
- '79.##8.204.253':21810
- '11#.#5.35.34':21810
- '10#.#8.14.34':21810
- '2.###.125.197':21810
- '66.##8.195.205':21810
- '89.##6.239.179':21810
- '17#.#6.231.40':21810
- '98.##6.19.94':21810
- '18#.195.5.2':21810
- '67.##7.37.97':21810
- '79.##.96.100':21810
- '98.##4.197.227':21810
- '19#.#89.51.190':21810
- '11#.#3.152.181':21810
- '78.##.174.182':21810
- '31.##0.10.228':21810
- '79.##6.44.212':21810
- '46.##4.243.211':21810
- '20#.#92.221.69':21810
- '17#.#0.203.220':21810
- '18#.#7.248.19':21810
- '12#.#6.20.56':21810
- '20#.#7.14.155':21810
- '49.#.154.63':21810
- '20#.#0.185.235':21810
- '96.#1.8.178':21810
- '81.##8.37.66':21810
- '12#.#49.62.5':21810
- '20#.#79.19.36':21810
- '89.##.213.40':21810
- '89.##3.63.217':21810
- '76.##.253.215':21810
- '18#.#60.3.168':21810
- '11#.#42.82.135':21810
- '94.##.185.196':21810
- '12#.#1.196.38':21810
- '58.##.42.126':21810
- '18#.#41.181.34':21810
- '18#.#35.172.61':21810
- '11#.#02.132.203':21810
- '10#.#0.99.203':21810
- '1.##6.0.108':21810
- '58.##3.21.110':21810
- '86.##.92.140':21810
- '81.##3.188.241':21810
- '95.##0.214.41':21810
- '18#.#4.96.106':21810
- '12#.#15.49.109':21810
- '17#.#22.165.62':21810
- '19#.#4.171.3':21810
- '91.##.114.112':21810
- '11#.#19.172.75':21810
- '49.##7.1.247':21810
- '17#.#7.140.5':21810
- '22#.#8.53.54':21810
- '20#.#12.200.131':21810
- '58.##6.99.120':21810
- '27.#55.18.5':21810
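- '19#.#05.154.210':80 (the only entry on port 80; the same masked address is the host of the stat2.php requests at the end of this list)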
- '14.##5.232.40':21810
- '11#.#26.27.121':21810
- '65.##4.120.250':21810
- '18#.#6.15.111':21810
- '93.#4.29.55':21810
- '87.#7.69.17':21810
- '11#.#01.12.226':21810
- '18#.#4.214.104':21810
- '18#.#56.118.47':21810
- '79.##6.20.59':21810
- '12#.#58.70.156':21810
- '86.##5.64.148':21810
- '17#.#21.81.194':21810
- '17#.#07.69.40':21810
- '94.##.162.242':21810
- '11#.#02.79.62':21810
- '18#.#8.98.47':21810
- '18#.#25.47.49':21810
- '67.##.203.229':21810
- '89.##.190.205':21810
- '46.##.58.200':21810
- '89.##2.220.33':21810
- '24.##9.177.192':21810
- '11#.#4.250.138':21810
- '46.##7.64.137':21810
- '24.##9.144.133':21810
- '58.#.13.197':21810
- '94.##.148.33':21810
- '21#.#97.140.60':21810
- '94.##8.60.150':21810
- '84.##7.134.185':21810
- '18#.2.73.36':21810
- '46.##.53.184':21810
- '21#.#50.101.188':21810
- '11#.#04.109.191':21810
- '82.##7.60.188':21810
- '17#.#6.39.55':21810
- '18#.#41.197.25':21810
- '70.##0.167.218':21810
- '11#.#78.27.26':21810
- '89.##.67.212':21810
- '79.##2.137.75':21810
- '17#.#25.187.224':21810
- '11#.#03.227.69':21810
- '24.##.89.220':21810
- '10#.#38.60.129':21810
- '17#.#26.151.197':21810
- '83.##3.246.28':21810
- '20#.#7.179.129':21810
- '89.##.218.28':21810
- '41.##7.105.209':21810
- '18#.#3.23.28':21810
- '89.##6.104.206':21810
- '31.##.83.112':21810
- '46.#9.32.8':21810
- '84.#21.9.76':21810
- '88.##6.132.50':21810
- '79.##9.86.164':21810
- '18#.#9.130.5':21810
- '21#.#38.228.105':21810
- '12#.#36.82.41':21810
- '78.#.50.215':21810
- '17#.#04.128.218':21810
- '11#.#2.131.125':21810
- '11#.#68.97.144':21810
- '18#.#60.32.223':21810
- '18#.#0.82.225':21810
- '11#.#41.189.114':21810
- '86.##.113.22':21810
- '78.#8.7.178':21810
- '18#.#9.234.163':21810
- '78.##.47.170':21810
- '92.##.21.174':21810
- '21#.#2.205.37':21810
- '46.#7.21.54':21810
- '79.##5.138.49':21810
- '95.##.235.178':21810
- '11#.#13.5.48':21810
- '69.#7.76.98':21810
- '12#.#55.250.6':21810
- '95.#5.79.81':21810
- '18#.#4.133.91':21810
- '79.##0.24.165':21810
- '18#.#3.15.196':21810
- '11#.#02.132.47':21810
- 19#.#05.154.210/stat2.php?w=#########################################
- 19#.#05.154.210/stat2.php?w=##########################################