'%HOMEPATH%\winex.exe' (downloaded from the Internet)
'%HOMEPATH%\aglx.exe' (downloaded from the Internet)
Modifies file system:
Creates the following files:
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\006[1].gif
%HOMEPATH%\b.c
%HOMEPATH%\ntlod.dat
C:\download\swin32.exe
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\005[1].gif
%HOMEPATH%\a.b
Sets the 'hidden' attribute to the following files:
%HOMEPATH%\winex.exe
%HOMEPATH%\aglx.exe
Moves the following files:
from %HOMEPATH%\b.c to %HOMEPATH%\winex.exe
from %HOMEPATH%\a.b to %HOMEPATH%\aglx.exe
Network activity:
Connects to:
'an####nand.com.au':80
'localhost':1036
TCP:
HTTP GET requests:
an####nand.com.au/images/006.gif
an####nand.com.au/images/005.gif
UDP:
DNS ASK an####nand.com.au
Miscellaneous:
Searches for the following windows:
ClassName: 'MS_WINHELP' WindowName: ''