Technical Information
- %TEMP%\pzhnmpyxx
- %TEMP%\pzhnmpyxx.dll
- http://ba#######story.portalstream.net/9654ntqg
- http://www.fr###ider.it/ovmukq
- http://www.me##.metro.ru/5snupe
- http://cl###fmalw.ws/0lq45
- DNS ASK ba#######story.portalstream.net
- DNS ASK fr###ider.it
- DNS ASK me##.metro.ru
- DNS ASK ro#####toy.dommel.be
- DNS ASK cl###fmalw.ws
- '%WINDIR%\syswow64\rundll32.exe' %TEMP%\PZHNMP~1.DLL,qwerty 323