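Technical Information ('#' characters in the entries below appear to mask part of each domain name and URL query string, so the network indicators are partial patterns rather than complete values)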
- Autorun registry value (per-user Run key, launched at logon): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Session SPP Distributed Class Name' = '%APPDATA%\gnulqtdotzpoik\xzwaviuongs.exe'
- %APPDATA%\gnulqtdotzpoik\xzwaviuongs.exe
- %APPDATA%\gnulqtdotzpoik\axcodglojus.exe
- %APPDATA%\gnulqtdotzpoik\xzwaviuongs.zs
- %APPDATA%\gnulqtdotzpoik\xzwaviuongs.exe
- %APPDATA%\gnulqtdotzpoik\axcodglojus.exe
- 'su####stream.net':80
- 'th####tstream.net':80
- 'wa###stream.net':80
- 'localhost':80
- 'sm###stream.net':80
- 'fr####usiness.net':80
- 'ex#####ncebusiness.net':80
- 'fo####manner.net':80
- 'wa####nother.net':80
- 'wa####usiness.net':80
- http://su####stream.net/forum/search.php?em#####################################
- http://th####tstream.net/forum/search.php?em#####################################
- http://wa###stream.net/forum/search.php?em#####################################
- http://sm###stream.net/forum/search.php?em#####################################
- http://fr####usiness.net/forum/search.php?em#####################################
- http://ex#####ncebusiness.net/forum/search.php?em#####################################
- http://fo####manner.net/forum/search.php?em#####################################
- http://wa####nother.net/forum/search.php?em#####################################
- http://wa####usiness.net/forum/search.php?em#####################################
- DNS ASK kn###stream.net
- DNS ASK me####business.net
- DNS ASK fo####business.net
- DNS ASK me####another.net
- DNS ASK fo####another.net
- DNS ASK me####manner.net
- DNS ASK fo####manner.net
- DNS ASK al####yappear.net
- DNS ASK ge####manappear.net
- DNS ASK al####ybusiness.net
- DNS ASK ge#####anbusiness.net
- DNS ASK al####yanother.net
- DNS ASK ge#####ananother.net
- DNS ASK al####ymanner.net
- DNS ASK ge####manmanner.net
- DNS ASK ex#####nceappear.net
- DNS ASK fr###appear.net
- DNS ASK ex#####ncebusiness.net
- DNS ASK fo####appear.net
- DNS ASK me####appear.net
- DNS ASK be###manner.net
- DNS ASK kn###manner.net
- DNS ASK wa####nother.net
- DNS ASK th####tanother.net
- DNS ASK wa###manner.net
- DNS ASK th####tmanner.net
- DNS ASK cr###appear.net
- DNS ASK su####appear.net
- DNS ASK cr####usiness.net
- DNS ASK su####business.net
- DNS ASK su####another.net
- DNS ASK cr####nother.net
- DNS ASK cr###manner.net
- DNS ASK su####manner.net
- DNS ASK kn###appear.net
- DNS ASK be###appear.net
- DNS ASK kn####usiness.net
- DNS ASK be####usiness.net
- DNS ASK kn####nother.net
- DNS ASK be####nother.net
- DNS ASK th####tbusiness.net
- DNS ASK fr####usiness.net
- DNS ASK ex#####nceanother.net
- DNS ASK fr####nother.net
- DNS ASK th####tnothing.net
- DNS ASK wa###stream.net
- DNS ASK th####tstream.net
- DNS ASK cr###divide.net
- DNS ASK su####divide.net
- DNS ASK cr###bottle.net
- DNS ASK su####bottle.net
- DNS ASK cr####othing.net
- DNS ASK su####nothing.net
- DNS ASK cr###stream.net
- DNS ASK su####stream.net
- DNS ASK kn###divide.net
- DNS ASK be###divide.net
- DNS ASK kn###bottle.net
- DNS ASK be###bottle.net
- DNS ASK kn####othing.net
- DNS ASK be####othing.net
- DNS ASK wa####othing.net
- DNS ASK th####tbottle.net
- DNS ASK wa###bottle.net
- DNS ASK th####tdivide.net
- DNS ASK fr###manner.net
- DNS ASK fi###divide.net
- DNS ASK pa###divide.net
- DNS ASK fi###bottle.net
- DNS ASK pa###bottle.net
- DNS ASK fi####othing.net
- DNS ASK pa####othing.net
- DNS ASK fi###stream.net
- DNS ASK sm###divide.net
- DNS ASK pa###stream.net
- DNS ASK wo###divide.net
- DNS ASK sm###bottle.net
- DNS ASK wo###bottle.net
- DNS ASK sm####othing.net
- DNS ASK wo####othing.net
- DNS ASK sm###stream.net
- DNS ASK wo###stream.net
- DNS ASK wa###divide.net
- DNS ASK ex#####ncemanner.net
- DNS ASK wa####usiness.net
- '%APPDATA%\gnulqtdotzpoik\xzwaviuongs.exe'
- '%APPDATA%\gnulqtdotzpoik\axcodglojus.exe' "%APPDATA%\gnulqtdotzpoik\xzwaviuongs.exe"