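Technical Information
The entries below list the analyzed program's registry changes, file paths, network destinations (TCP port 80, HTTP requests, DNS queries) and executable paths. The sub-headings that grouped them are missing from this listing, so the action behind each repeated file path (for example created or deleted) cannot be determined from here. Domain names are partially masked with '#', so they cannot be used as exact-match indicators.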
- [<HKLM>\System\CurrentControlSet\Services\Color Enumerator CardSpace Session Builder] 'Start' = '00000002' (a service 'Start' value of 2 means the service is started automatically at boot)
- [<HKLM>\System\CurrentControlSet\Services\Color Enumerator CardSpace Session Builder] 'ImagePath' = 'C:\ifvwnyzliwljck\iliizrhyep.exe'
- 'Color Enumerator CardSpace Session Builder' C:\ifvwnyzliwljck\iliizrhyep.exe
- %WINDIR%\ifvwnyzliwljck\pcpnep0a
- C:\ifvwnyzliwljck\pcpnep0a
- C:\ifvwnyzliwljck\zbln0mfuuukrfbxrbjsw.exe
- C:\ifvwnyzliwljck\iliizrhyep.exe
- C:\ifvwnyzliwljck\xsffeeb.exe
- C:\ifvwnyzliwljck\akcrunn0
- C:\ifvwnyzliwljck\iliizrhyep.exe
- C:\ifvwnyzliwljck\xsffeeb.exe
- %WINDIR%\ifvwnyzliwljck\pcpnep0a
- C:\ifvwnyzliwljck\zbln0mfuuukrfbxrbjsw.exe
- %WINDIR%\ifvwnyzliwljck\pcpnep0a
- 'ex####fifteen.net':80
- 'fo####narticle.net':80
- 'ci#####tefifteen.net':80
- 'ch####enfifteen.net':80
- 'en####hangry.net':80
- 'ma####eservice.net':80
- http://ex####fifteen.net/index.php
- http://fo####narticle.net/index.php
- http://ci#####tefifteen.net/index.php
- http://ch####enfifteen.net/index.php
- http://en####hangry.net/index.php
- http://ma####eservice.net/index.php
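- DNS ASK en#####understand.net ("DNS ASK" entries are DNS name lookups; only a few of the names looked up also appear in the port-80 connection list above, which is consistent with algorithmically generated domain names, although the listing does not state this)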
- DNS ASK fa###yangry.net
- DNS ASK ch####enangry.net
- DNS ASK fa####fifteen.net
- DNS ASK ch####enfifteen.net
- DNS ASK fa###ydried.net
- DNS ASK ch####endried.net
- DNS ASK ci#####tearticle.net
- DNS ASK pi####earticle.net
- DNS ASK ci####tteangry.net
- DNS ASK pi####eangry.net
- DNS ASK ci#####tefifteen.net
- DNS ASK pi####efifteen.net
- DNS ASK ci####ttedried.net
- DNS ASK pi####edried.net
- DNS ASK th####article.net
- DNS ASK fi####article.net
- DNS ASK th###hangry.net
- DNS ASK ch####enarticle.net
- DNS ASK fa####article.net
- DNS ASK ei###rdried.net
- DNS ASK en####hdried.net
- DNS ASK ma####esuppose.net
- DNS ASK pe####suppose.net
- DNS ASK ma####emister.net
- DNS ASK pe####mister.net
- DNS ASK be####eriver.net
- DNS ASK ex###triver.net
- DNS ASK be####eservice.net
- DNS ASK ex####service.net
- DNS ASK ex####suppose.net
- DNS ASK be####esuppose.net
- DNS ASK be####emister.net
- DNS ASK ex####mister.net
- DNS ASK en####harticle.net
- DNS ASK ei####article.net
- DNS ASK en####hangry.net
- DNS ASK ei###rangry.net
- DNS ASK en####hfifteen.net
- DNS ASK ei####fifteen.net
- DNS ASK pe####service.net
- DNS ASK fi###eangry.net
- DNS ASK th####fifteen.net
- DNS ASK fi####fifteen.net
- DNS ASK pe####fifteen.net
- DNS ASK ma####edried.net
- DNS ASK pe###ndried.net
- DNS ASK be####earticle.net
- DNS ASK ex####article.net
- DNS ASK be####eangry.net
- DNS ASK ex###tangry.net
- DNS ASK be####efifteen.net
- DNS ASK ex####fifteen.net
- DNS ASK be####edried.net
- DNS ASK ex###tdried.net
- DNS ASK en####hbutter.net
- DNS ASK ei####butter.net
- DNS ASK en####hbehind.net
- DNS ASK ei####behind.net
- DNS ASK en####hbroad.net
- DNS ASK ei###rbroad.net
- DNS ASK ma####efifteen.net
- DNS ASK pe###nangry.net
- DNS ASK ma####eangry.net
- DNS ASK pe####article.net
- DNS ASK fi###edried.net
- DNS ASK ri####rticle.net
- DNS ASK wh####rarticle.net
- DNS ASK ri###angry.net
- DNS ASK wh####rangry.net
- DNS ASK ri####ifteen.net
- DNS ASK wh####rfifteen.net
- DNS ASK ri###dried.net
- DNS ASK fo####narticle.net
- DNS ASK wh####rdried.net
- DNS ASK su####article.net
- DNS ASK fo####nangry.net
- DNS ASK su###nangry.net
- DNS ASK fo####nfifteen.net
- DNS ASK su####fifteen.net
- DNS ASK fo####ndried.net
- DNS ASK su###ndried.net
- DNS ASK ma####earticle.net
- DNS ASK th###hdried.net
- DNS ASK ma####eservice.net
- 'C:\ifvwnyzliwljck\zbln0mfuuukrfbxrbjsw.exe'
- 'C:\ifvwnyzliwljck\iliizrhyep.exe'
- 'C:\ifvwnyzliwljck\xsffeeb.exe' "c:\ifvwnyzliwljck\iliizrhyep.exe"