Technical Information
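Autostart registry values (a Run entry and a service; a service 'Start' value of 2 means automatic start):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Peer WLAN Helper Installer Offline Image Driver' = '<SYSTEM32>\yleaiftjcahs.exe'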
- [<HKLM>\SYSTEM\ControlSet001\Services\IKE Computer Counter Connection File] 'ImagePath' = '<SYSTEM32>\yleaiftjcahs.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\IKE Computer Counter Connection File] 'Start' = '00000002'
- Windows Security Center
Command lines (quoted executable path, followed by any arguments):
- '<SYSTEM32>\shnvittxlvxn.exe' "<SYSTEM32>\yleaiftjcahs.exe"
- '%WINDIR%\Temp\lya7m8kjqa43onkixj.exe' -r 31804 tcp
- '%TEMP%\lya7m8kjsv8k1bnkixjurcgxc.exe'
- '<SYSTEM32>\yleaiftjcahs.exe'
- <SYSTEM32>\pfvzengs\run
- <SYSTEM32>\pfvzengs\rng
- %WINDIR%\Temp\lya7m8kjqa43onkixj.exe
- <SYSTEM32>\pfvzengs\cfg
- <SYSTEM32>\shnvittxlvxn.exe
- %TEMP%\lya7m8kjsv8k1bnkixjurcgxc.exe
- <SYSTEM32>\pfvzengs\tst
- <SYSTEM32>\yleaiftjcahs.exe
- <SYSTEM32>\pfvzengs\etc
- <SYSTEM32>\shnvittxlvxn.exe
- <SYSTEM32>\yleaiftjcahs.exe
- %WINDIR%\Temp\lya7m8kjqa43onkixj.exe
- %TEMP%\lya7m8kjsv8k1bnkixjurcgxc.exe
- <DRIVERS>\etc\hosts
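Connection targets, given as 'host':port. The # runs appear to be the publisher's masking of part of each name, so these entries are patterns rather than exact domains to match on:
- 'ta###arth.net':80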
- 'wa###llow.net':80
- 'wa###arth.net':80
- 'wa###aste.net':80
- 'ta###aste.net':80
- 'ta###llow.net':80
- 'yo###eight.net':80
- 'tr###took.net':80
- 'tr###weight.net':80
- 'wa###ives.net':80
- 'ta###ives.net':80
- 'pi###taste.net':80
- 'mu###aste.net':80
- 've###ives.net':80
- 've###llow.net':80
- 'we###ives.net':80
- 'pi###earth.net':80
- 'pi###gives.net':80
- 'mu###ives.net':80
- 'mu###llow.net':80
- 'mu###arth.net':80
- 'pi###allow.net':80
- 'yo###ook.net':80
- 'pl###took.net':80
- 'fi###ook.net':80
- 'fi###eight.net':80
- 'vi###erve.net':80
- 'pl###weight.net':80
- 'pl###come.net':80
- 'se###weight.net':80
- 'le###weight.net':80
- 'fi###erve.net':80
- 'fi###ome.net':80
- 'pl###nerve.net':80
- 'yo###erve.net':80
- 'lr###weight.net':80
- 'tr###nerve.net':80
- 'tr###come.net':80
- 'yo###ome.net':80
- 'vi###eight.net':80
- 'vi###ome.net':80
- 'lr###nerve.net':80
- 'lr###come.net':80
- 'lr###took.net':80
- 'vi###ook.net':80
- 'lr###gives.net':80
- 'vi###ives.net':80
- 'vi###llow.net':80
- 'th###while.net':80
- 'lr###allow.net':80
- 'pl###taste.net':80
- 'pl###allow.net':80
- 'fi###llow.net':80
- 'fi###arth.net':80
- 'fi###aste.net':80
- 'pl###earth.net':80
- 'se####strong.net':80
- 'si######edwerryhouse.net':80
- 'de####promise.net':80
- 'or###thrown.net':80
- 'jo####ymeasure.net':80
- 'mo####gduring.net':80
- 'ri###nstorm.net':80
- 'ef###tbuilt.net':80
- 'of####urprise.net':80
- 'ch####nother.net':80
- 'gw#####ynhuddleston.net':80
- 'pl###gives.net':80
- 'fa###llow.net':80
- 'to###ives.net':80
- 'to###llow.net':80
- 'to###arth.net':80
- 'fa###arth.net':80
- 'fa###ives.net':80
- 've###arth.net':80
- 'we###llow.net':80
- 'we###arth.net':80
- 'we###aste.net':80
- 've###aste.net':80
- 'se###earth.net':80
- 'le###earth.net':80
- 'le###taste.net':80
- 'fi###ives.net':80
- 'se###taste.net':80
- 'se###allow.net':80
- 'to###aste.net':80
- 'fa###aste.net':80
- 'le###gives.net':80
- 'le###allow.net':80
- 'se###gives.net':80
HTTP requests, URL only (the request method is not shown); each request is for /index.php:
- http://ta###arth.net/index.php
- http://wa###llow.net/index.php
- http://wa###arth.net/index.php
- http://wa###aste.net/index.php
- http://ta###aste.net/index.php
- http://ta###llow.net/index.php
- http://yo###eight.net/index.php
- http://tr###took.net/index.php
- http://tr###weight.net/index.php
- http://wa###ives.net/index.php
- http://ta###ives.net/index.php
- http://pi###taste.net/index.php
- http://mu###aste.net/index.php
- http://ve###ives.net/index.php
- http://ve###llow.net/index.php
- http://we###ives.net/index.php
- http://pi###earth.net/index.php
- http://pi###gives.net/index.php
- http://mu###ives.net/index.php
- http://mu###llow.net/index.php
- http://mu###arth.net/index.php
- http://pi###allow.net/index.php
- http://yo###ook.net/index.php
- http://pl###took.net/index.php
- http://fi###ook.net/index.php
- http://fi###eight.net/index.php
- http://vi###erve.net/index.php
- http://pl###weight.net/index.php
- http://pl###come.net/index.php
- http://se###weight.net/index.php
- http://le###weight.net/index.php
- http://fi###erve.net/index.php
- http://fi###ome.net/index.php
- http://pl###nerve.net/index.php
- http://yo###erve.net/index.php
- http://lr###weight.net/index.php
- http://tr###nerve.net/index.php
- http://tr###come.net/index.php
- http://yo###ome.net/index.php
- http://vi###eight.net/index.php
- http://vi###ome.net/index.php
- http://lr###nerve.net/index.php
- http://lr###come.net/index.php
- http://lr###took.net/index.php
- http://vi###ook.net/index.php
- http://lr###gives.net/index.php
- http://vi###ives.net/index.php
- http://vi###llow.net/index.php
- http://th###while.net/index.php
- http://lr###allow.net/index.php
- http://pl###taste.net/index.php
- http://pl###allow.net/index.php
- http://fi###llow.net/index.php
- http://fi###arth.net/index.php
- http://fi###aste.net/index.php
- http://pl###earth.net/index.php
- http://se####strong.net/index.php
- http://si######edwerryhouse.net/index.php
- http://de####promise.net/index.php
- http://or###thrown.net/index.php
- http://jo####ymeasure.net/index.php
- http://mo####gduring.net/index.php
- http://ri###nstorm.net/index.php
- http://ef###tbuilt.net/index.php
- http://of####urprise.net/index.php
- http://ch####nother.net/index.php
- http://gw#####ynhuddleston.net/index.php
- http://pl###gives.net/index.php
- http://fa###llow.net/index.php
- http://to###ives.net/index.php
- http://to###llow.net/index.php
- http://to###arth.net/index.php
- http://fa###arth.net/index.php
- http://fa###ives.net/index.php
- http://ve###arth.net/index.php
- http://we###llow.net/index.php
- http://we###arth.net/index.php
- http://we###aste.net/index.php
- http://ve###aste.net/index.php
- http://se###earth.net/index.php
- http://le###earth.net/index.php
- http://le###taste.net/index.php
- http://fi###ives.net/index.php
- http://se###taste.net/index.php
- http://se###allow.net/index.php
- http://to###aste.net/index.php
- http://fa###aste.net/index.php
- http://le###gives.net/index.php
- http://le###allow.net/index.php
- http://se###gives.net/index.php
- DNS ASK wa###llow.net
- DNS ASK ta###llow.net
- DNS ASK ta###arth.net
- DNS ASK ta###aste.net
- DNS ASK wa###arth.net
- DNS ASK wa###ives.net
- DNS ASK tr###took.net
- DNS ASK yo###ook.net
- DNS ASK yo###eight.net
- DNS ASK ta###ives.net
- DNS ASK tr###weight.net
- DNS ASK wa###aste.net
- DNS ASK pi###taste.net
- DNS ASK mu###aste.net
- DNS ASK ve###ives.net
- DNS ASK ve###llow.net
- DNS ASK we###ives.net
- DNS ASK pi###earth.net
- DNS ASK pi###gives.net
- DNS ASK mu###ives.net
- DNS ASK mu###llow.net
- DNS ASK mu###arth.net
- DNS ASK pi###allow.net
- DNS ASK fi###ook.net
- DNS ASK pl###come.net
- DNS ASK pl###took.net
- DNS ASK pl###weight.net
- DNS ASK fi###eight.net
- DNS ASK fi###ome.net
- DNS ASK le###weight.net
- DNS ASK se###took.net
- DNS ASK se###weight.net
- DNS ASK pl###nerve.net
- DNS ASK fi###erve.net
- DNS ASK vi###erve.net
- DNS ASK yo###erve.net
- DNS ASK lr###weight.net
- DNS ASK tr###nerve.net
- DNS ASK tr###come.net
- DNS ASK yo###ome.net
- DNS ASK vi###eight.net
- DNS ASK vi###ome.net
- DNS ASK lr###nerve.net
- DNS ASK lr###come.net
- DNS ASK lr###took.net
- DNS ASK vi###ook.net
- DNS ASK lr###gives.net
- DNS ASK vi###ives.net
- DNS ASK vi###llow.net
- DNS ASK th###while.net
- DNS ASK lr###allow.net
- DNS ASK pl###taste.net
- DNS ASK pl###allow.net
- DNS ASK fi###llow.net
- DNS ASK fi###arth.net
- DNS ASK fi###aste.net
- DNS ASK pl###earth.net
- DNS ASK se####strong.net
- DNS ASK si######edwerryhouse.net
- DNS ASK de####promise.net
- DNS ASK or###thrown.net
- DNS ASK jo####ymeasure.net
- DNS ASK mo####gduring.net
- DNS ASK ri###nstorm.net
- DNS ASK ef###tbuilt.net
- DNS ASK of####urprise.net
- DNS ASK ch####nother.net
- DNS ASK gw#####ynhuddleston.net
- DNS ASK pl###gives.net
- DNS ASK fa###llow.net
- DNS ASK to###ives.net
- DNS ASK to###llow.net
- DNS ASK to###arth.net
- DNS ASK fa###arth.net
- DNS ASK fa###ives.net
- DNS ASK ve###arth.net
- DNS ASK we###llow.net
- DNS ASK we###arth.net
- DNS ASK we###aste.net
- DNS ASK ve###aste.net
- DNS ASK se###earth.net
- DNS ASK le###earth.net
- DNS ASK le###taste.net
- DNS ASK fi###ives.net
- DNS ASK se###taste.net
- DNS ASK se###allow.net
- DNS ASK to###aste.net
- DNS ASK fa###aste.net
- DNS ASK le###gives.net
- DNS ASK le###allow.net
- DNS ASK se###gives.net
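- '23#.#55.255.250':1900
  (Port 1900 is the SSDP/UPnP discovery port; the masked address is consistent with the SSDP multicast group 239.255.255.250, which would make this local-network discovery traffic rather than a connection to a remote host. The page does not confirm this.)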