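Technical Information
(Behaviour observed for the sample. The '#' characters in the host names and IP addresses below appear to be masking applied by the report, so those entries are partial values and cannot be matched exactly as printed.)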
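Registry values set:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Voyto\feini.exe"' (autorun entry: starts feini.exe at each logon of the current user)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001' (turns off Windows Firewall notifications for the standard profile)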
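File and process paths (the sub-headings that would separate executed programs from created files are missing from this copy; feini.exe is listed twice, presumably once in each list):
- '%APPDATA%\Voyto\feini.exe'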
- <SYSTEM32>\cscript.exe
- %TEMP%\tmpbbdd48ff.bat
- <LS_APPDATA>\quibys.eku
- %APPDATA%\Voyto\feini.exe
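Network connections (host:port). Most of the host names look algorithmically generated (long random-letter labels spread across .com, .net, .org, .info, .biz and .ru), so detection is better keyed to the naming pattern and the volume of lookups than to any single name:
- 'hz#######baauzmzlzpbpvfafq.net':80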
- 'in########desopjhapgqbeqoobto.com':80
- 'kz######zlxdmyrkqgmxmbqg.ru':80
- 'to########kduhejbxmrqwvwjhyij.org':80
- 'rw#######qcipnucydbegaheyld.ru':80
- 'wc#######kvdjznrnizaqtpraex.com':80
- 'tk#######uzxcalvxlnjnlir.biz':80
- 'gz######ropolvpfhcibmdu.com':80
- 'kj#######uaezhxcahudysuscquc.ru':80
- 'mr#######wsbqlgmtwzhwogywkm.com':80
- 'gy#######vwdihehkfeqddgulv.info':80
- 'ce#######krlfsttswlxsingi.biz':80
- 'wx#######chyhuxkmbzlpzhh.net':80
- 'sw########ylrczxrshdgeeqvwgu.org':80
- 'xg#########beueyhafaayqwmfovtzd.info':80
- 'mb######vwtwwcwcekjxsbe.org':80
- 'fa#######oqgwzxinmvgmknceem.biz':80
- 'fn#######irwtttgciugauivo.com':80
- 'kz#######dextsjruwjrpqg.info':80
- 'xf######zlkbjztcvcxzh.biz':80
- 'wa######ojxemdiidlzfut.ru':80
- 'da#######ssgxsmrfuirjzlrs.biz':80
- 'eq#######ucwshheeqwkaedpvh.info':80
- 'vw######kbwoirqdhhun.com':80
- 'vo######cgxnvobswpztgup.net':80
- 'fa#######uctuwhmfyyhtxhbehy.com':80
- 'us#######rjbwoxknqkyxpjnb.ru':80
- 'pp######bahdwgxdadaylws.com':80
- 'ge#######kwgorlfhdysgvcgmrg.biz':80
- 'if#######jzlrinfppfqoirib.org':80
- 'eu########cobdiizhprmvdubjv.info':80
- 'ha#######kbjfpqxbyxwdxcd.com':80
- 'bj######cyxmukcyekbmz.net':80
- 'xh#######jovrcobyobfpnzmb.com':80
- 'ly######lrxovcybauzxaeey.ru':80
- 'ro######ckjxdqorkjaivsv.org':80
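- 'www.bing.com':80 (legitimate site, presumably contacted as a connectivity check; not an indicator on its own)
- '74.##5.232.51':80 (the address used for www.google.com in the HTTP request list below)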
- 'zx########eqintgizdeckfskgm.info':80
- 'bk######zplzdhytkgzhde.com':80
- 'pv#######cxucdpvgumnlgilr.ru':80
- 'ln#######kjkjmvzhvgeugmtzxh.biz':80
- 'mz#######csgkzdaskzovhmaiuo.ru':80
- 'tw#######ojdanzfuplvyxxeqdm.com':80
- 'ca#######uejnibzxknvivlljjn.net':80
- 'pb########uovrgsofqkjetsaiamnr.biz':80
- 'xc#######jxkjeagucqfainjlb.info':80
- 'iv######qorlpvqhsgqo.org':80
- 'dq######gtifzhmzzpxlfbu.net':80
- 'eu#######iqgaypvkjwpkfjvrg.com':80
- 'my#######ssktifqwylirhew.info':80
- 'ae######qbytzdetbeeqlvs.biz':80
- 'pn#######vwkzzpkrtgbxswpz.ru':80
- 'di#######qzxgutwglcubagek.org':80
- 'dm######zeqpbtgeapbq.biz':80
- 'iv#######veamnvpbbfazduw.com':80
HTTP requests (same hosts as the connection list above):
- http://hz#######baauzmzlzpbpvfafq.net/
- http://in########desopjhapgqbeqoobto.com/
- http://kz######zlxdmyrkqgmxmbqg.ru/
- http://to########kduhejbxmrqwvwjhyij.org/
- http://rw#######qcipnucydbegaheyld.ru/
- http://wc#######kvdjznrnizaqtpraex.com/
- http://tk#######uzxcalvxlnjnlir.biz/
- http://gz######ropolvpfhcibmdu.com/
- http://kj#######uaezhxcahudysuscquc.ru/
- http://mr#######wsbqlgmtwzhwogywkm.com/
- http://gy#######vwdihehkfeqddgulv.info/
- http://ce#######krlfsttswlxsingi.biz/
- http://wx#######chyhuxkmbzlpzhh.net/
- http://sw########ylrczxrshdgeeqvwgu.org/
- http://xg#########beueyhafaayqwmfovtzd.info/
- http://mb######vwtwwcwcekjxsbe.org/
- http://fa#######oqgwzxinmvgmknceem.biz/
- http://fn#######irwtttgciugauivo.com/
- http://kz#######dextsjruwjrpqg.info/
- http://xf######zlkbjztcvcxzh.biz/
- http://wa######ojxemdiidlzfut.ru/
- http://da#######ssgxsmrfuirjzlrs.biz/
- http://eq#######ucwshheeqwkaedpvh.info/
- http://vw######kbwoirqdhhun.com/
- http://vo######cgxnvobswpztgup.net/
- http://fa#######uctuwhmfyyhtxhbehy.com/
- http://us#######rjbwoxknqkyxpjnb.ru/
- http://pp######bahdwgxdadaylws.com/
- http://ge#######kwgorlfhdysgvcgmrg.biz/
- http://if#######jzlrinfppfqoirib.org/
- http://eu########cobdiizhprmvdubjv.info/
- http://ha#######kbjfpqxbyxwdxcd.com/
- http://bj######cyxmukcyekbmz.net/
- http://xh#######jovrcobyobfpnzmb.com/
- http://ly######lrxovcybauzxaeey.ru/
- http://ro######ckjxdqorkjaivsv.org/
- http://www.bing.com/
- http://www.google.com/ via 74.##5.232.51
- http://zx########eqintgizdeckfskgm.info/
- http://bk######zplzdhytkgzhde.com/
- http://pv#######cxucdpvgumnlgilr.ru/
- http://ln#######kjkjmvzhvgeugmtzxh.biz/
- http://mz#######csgkzdaskzovhmaiuo.ru/
- http://tw#######ojdanzfuplvyxxeqdm.com/
- http://ca#######uejnibzxknvivlljjn.net/
- http://pb########uovrgsofqkjetsaiamnr.biz/
- http://xc#######jxkjeagucqfainjlb.info/
- http://iv######qorlpvqhsgqo.org/
- http://dq######gtifzhmzzpxlfbu.net/
- http://eu#######iqgaypvkjwpkfjvrg.com/
- http://my#######ssktifqwylirhew.info/
- http://ae######qbytzdetbeeqlvs.biz/
- http://pn#######vwkzzpkrtgbxswpz.ru/
- http://di#######qzxgutwglcubagek.org/
- http://dm######zeqpbtgeapbq.biz/
- http://iv#######veamnvpbbfazduw.com/
- DNS ASK gy#######vwdihehkfeqddgulv.info
- DNS ASK sw########ylrczxrshdgeeqvwgu.org
- DNS ASK kj#######uaezhxcahudysuscquc.ru
- DNS ASK gz######ropolvpfhcibmdu.com
- DNS ASK kz######zlxdmyrkqgmxmbqg.ru
- DNS ASK in########desopjhapgqbeqoobto.com
- DNS ASK wx#######chyhuxkmbzlpzhh.net
- DNS ASK ce#######krlfsttswlxsingi.biz
- DNS ASK mr#######wsbqlgmtwzhwogywkm.com
- DNS ASK tw#######ojdanzfuplvyxxeqdm.com
- DNS ASK mz#######csgkzdaskzovhmaiuo.ru
- DNS ASK di#######qzxgutwglcubagek.org
- DNS ASK ca#######uejnibzxknvivlljjn.net
- DNS ASK iv######qorlpvqhsgqo.org
- DNS ASK xc#######jxkjeagucqfainjlb.info
- DNS ASK pb########uovrgsofqkjetsaiamnr.biz
- DNS ASK dq######gtifzhmzzpxlfbu.net
- DNS ASK hz#######baauzmzlzpbpvfafq.net
- DNS ASK fa#######oqgwzxinmvgmknceem.biz
- DNS ASK mb######vwtwwcwcekjxsbe.org
- DNS ASK us#######rjbwoxknqkyxpjnb.ru
- DNS ASK fa#######uctuwhmfyyhtxhbehy.com
- DNS ASK wa######ojxemdiidlzfut.ru
- DNS ASK xf######zlkbjztcvcxzh.biz
- DNS ASK xg#########beueyhafaayqwmfovtzd.info
- DNS ASK fn#######irwtttgciugauivo.com
- DNS ASK pp######bahdwgxdadaylws.com
- DNS ASK wc#######kvdjznrnizaqtpraex.com
- DNS ASK rw#######qcipnucydbegaheyld.ru
- DNS ASK to########kduhejbxmrqwvwjhyij.org
- DNS ASK tk#######uzxcalvxlnjnlir.biz
- DNS ASK da#######ssgxsmrfuirjzlrs.biz
- DNS ASK vo######cgxnvobswpztgup.net
- DNS ASK vw######kbwoirqdhhun.com
- DNS ASK eq#######ucwshheeqwkaedpvh.info
- DNS ASK kz#######dextsjruwjrpqg.info
- DNS ASK pv#######cxucdpvgumnlgilr.ru
- DNS ASK ln#######kjkjmvzhvgeugmtzxh.biz
- DNS ASK bk######zplzdhytkgzhde.com
- DNS ASK if#######jzlrinfppfqoirib.org
- DNS ASK eu########cobdiizhprmvdubjv.info
- DNS ASK www.google.com
- DNS ASK dm######zeqpbtgeapbq.biz
- DNS ASK www.bing.com
- DNS ASK zx########eqintgizdeckfskgm.info
- DNS ASK ro######ckjxdqorkjaivsv.org
- DNS ASK my#######ssktifqwylirhew.info
- DNS ASK ae######qbytzdetbeeqlvs.biz
- DNS ASK eu#######iqgaypvkjwpkfjvrg.com
- DNS ASK iv#######veamnvpbbfazduw.com
- DNS ASK pn#######vwkzzpkrtgbxswpz.ru
- DNS ASK ha#######kbjfpqxbyxwdxcd.com
- DNS ASK ge#######kwgorlfhdysgvcgmrg.biz
- DNS ASK ly######lrxovcybauzxaeey.ru
- DNS ASK bj######cyxmukcyekbmz.net
- DNS ASK xh#######jovrcobyobfpnzmb.com
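Connections to IP addresses on high, non-standard ports (the protocol is not stated in this copy; the spread of addresses and ports would be consistent with peer-to-peer traffic):
- '99.#6.3.38':15247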
- '75.#.222.103':11577
- '69.##.132.197':20764
- '19#.#4.127.98':25549
- '83.##.124.44':20448
- '19#.#69.125.228':29902
- '10#.#4.154.77':10640
- '95.##4.51.216':25833
- '78.##9.187.6':14384
- '11#.#4.79.38':11609
- '82.##5.56.26':23277
- '87.#.39.224':21416
- '21#.#51.47.84':26178
- '37.##.136.235':16020
- '71.##6.48.91':22174
- '94.##.116.190':26483
- ClassName: 'Indicator' WindowName: ''