Technical Information
- %TEMP%\tvbxpn6wwa7jjq
- %TEMP%\tvbxpn6wwa7jjq.dll
- '21#.#40.104.2':80
- http://80.##1.232.207/tpryd9
- http://www.me##.metro.ru/uumr65
- DNS ASK tw####pitals.com
- DNS ASK me##.metro.ru
- DNS ASK vi###lw.name
- '%WINDIR%\syswow64\rundll32.exe' %TEMP%\TVBXPN~1.DLL,qwerty 323