Technical Information
- %TEMP%\7f9wyyvcrxo3v.dll
- http://ga####creation.be/bc368
- http://ge#######yarbakirsigorta.com/bnm4y
- DNS ASK ga####creation.be
- DNS ASK he##ai.tc
- DNS ASK ge#######yarbakirsigorta.com
- '%WINDIR%\syswow64\rundll32.exe' %TEMP%\7F9WYY~1.DLL,woody