Technical Information
Autorun registry value (the Run key starts the listed program at each user logon):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Brightness Name Ordering' = 'C:\xlyidbchxjlkrm\mhajyxw.exe'
Service registry value ('Start' = 2 means the service is started automatically at boot):
- [<HKLM>\SYSTEM\ControlSet001\Services\List WinHTTP CNG Secondary Fax] 'Start' = '00000002'
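Quoted entries, apparently process command lines (the first passes the path of mhajyxw.exe as an argument):
- 'C:\xlyidbchxjlkrm\irgewyifgzt.exe' "c:\xlyidbchxjlkrm\mhajyxw.exe"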
- 'C:\xlyidbchxjlkrm\mhajyxw.exe'
- 'C:\xlyidbchxjlkrm\fq2nbuj9ufehcfpxao.exe'
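Unquoted path entries (presumably file-system activity; the listing does not say which files were created, changed or removed, and several paths repeat):
- C:\xlyidbchxjlkrm\mhajyxw.exe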
- C:\xlyidbchxjlkrm\irgewyifgzt.exe
- C:\xlyidbchxjlkrm\vwdsgwllp
- %WINDIR%\xlyidbchxjlkrm\llnk7ofevtx
- C:\xlyidbchxjlkrm\llnk7ofevtx
- C:\xlyidbchxjlkrm\fq2nbuj9ufehcfpxao.exe
- C:\xlyidbchxjlkrm\irgewyifgzt.exe
- C:\xlyidbchxjlkrm\mhajyxw.exe
- C:\xlyidbchxjlkrm\fq2nbuj9ufehcfpxao.exe
- %WINDIR%\xlyidbchxjlkrm\llnk7ofevtx
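Entries of the form 'host':80 (network endpoints on port 80; the '#' runs mask part of each name, so the names serve as patterns rather than exact-match indicators, and their two-word .net shape is consistent with a dictionary-based domain generation algorithm):
- 'el####icsettle.net':80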
- 're####language.net':80
- 'ca####nbefore.net':80
- 're####settle.net':80
- 'el####icdevice.net':80
- 're####before.net':80
- 'el#####clanguage.net':80
- 're####device.net':80
- 'la###before.net':80
- 'la###settle.net':80
- 'ca####nsettle.net':80
- 'ni###before.net':80
- 'de####before.net':80
- 'la###device.net':80
- 'ca####ndevice.net':80
- 'la####anguage.net':80
- 'ca####nlanguage.net':80
- 'el####icbefore.net':80
- 'ga####language.net':80
- 'be####device.net':80
- 'ga####settle.net':80
- 'be####language.net':80
- 'ga####before.net':80
- 'fl###settle.net':80
- 'ga####device.net':80
- 'be####before.net':80
- 'be####settle.net':80
- 'st####language.net':80
- 'tr####anguage.net':80
- 'st####settle.net':80
- 'tr###settle.net':80
- 'st####before.net':80
- 'tr###before.net':80
- 'st####device.net':80
- 'tr###device.net':80
- 'de####device.net':80
- 'br####ontain.net':80
- 'fl###basket.net':80
- 'br###became.net':80
- 'fl####ontain.net':80
- 'se####industry.net':80
- 'qu###became.net':80
- 'br###basket.net':80
- 'qu####ndustry.net':80
- 'fl###became.net':80
- 'be####contain.net':80
- 'ga####contain.net':80
- 'be####became.net':80
- 'ga####became.net':80
- 'fl####ndustry.net':80
- 'br####ndustry.net':80
- 'be####basket.net':80
- 'ga####basket.net':80
- 'se####became.net':80
- 'do###before.net':80
- 'ni###settle.net':80
- 'do###device.net':80
- 'ag####tbefore.net':80
- 'de####language.net':80
- 'ni###device.net':80
- 'de####settle.net':80
- 'ni####anguage.net':80
- 'ag####tdevice.net':80
- 'qu###basket.net':80
- 'se####basket.net':80
- 'qu####ontain.net':80
- 'se####contain.net':80
- 'ag####tlanguage.net':80
- 'do####anguage.net':80
- 'ag####tsettle.net':80
- 'do###settle.net':80
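URL entries (HTTP requests to the hosts listed above, all for /index.php with a query string that is masked after 'me'):
- http://el####icsettle.net/index.php?me########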
- http://re####language.net/index.php?me########
- http://ca####nbefore.net/index.php?me########
- http://re####settle.net/index.php?me########
- http://el####icdevice.net/index.php?me########
- http://re####before.net/index.php?me########
- http://el#####clanguage.net/index.php?me########
- http://re####device.net/index.php?me########
- http://la###before.net/index.php?me########
- http://la###settle.net/index.php?me########
- http://ca####nsettle.net/index.php?me########
- http://ni###before.net/index.php?me########
- http://de####before.net/index.php?me########
- http://la###device.net/index.php?me########
- http://ca####ndevice.net/index.php?me########
- http://la####anguage.net/index.php?me########
- http://ca####nlanguage.net/index.php?me########
- http://el####icbefore.net/index.php?me########
- http://ga####language.net/index.php?me########
- http://be####device.net/index.php?me########
- http://ga####settle.net/index.php?me########
- http://be####language.net/index.php?me########
- http://ga####before.net/index.php?me########
- http://fl###settle.net/index.php?me########
- http://ga####device.net/index.php?me########
- http://be####before.net/index.php?me########
- http://be####settle.net/index.php?me########
- http://st####language.net/index.php?me########
- http://tr####anguage.net/index.php?me########
- http://st####settle.net/index.php?me########
- http://tr###settle.net/index.php?me########
- http://st####before.net/index.php?me########
- http://tr###before.net/index.php?me########
- http://st####device.net/index.php?me########
- http://tr###device.net/index.php?me########
- http://de####device.net/index.php?me########
- http://br####ontain.net/index.php?me########
- http://fl###basket.net/index.php?me########
- http://br###became.net/index.php?me########
- http://fl####ontain.net/index.php?me########
- http://se####industry.net/index.php?me########
- http://qu###became.net/index.php?me########
- http://br###basket.net/index.php?me########
- http://qu####ndustry.net/index.php?me########
- http://fl###became.net/index.php?me########
- http://be####contain.net/index.php?me########
- http://ga####contain.net/index.php?me########
- http://be####became.net/index.php?me########
- http://ga####became.net/index.php?me########
- http://fl####ndustry.net/index.php?me########
- http://br####ndustry.net/index.php?me########
- http://be####basket.net/index.php?me########
- http://ga####basket.net/index.php?me########
- http://se####became.net/index.php?me########
- http://do###before.net/index.php?me########
- http://ni###settle.net/index.php?me########
- http://do###device.net/index.php?me########
- http://ag####tbefore.net/index.php?me########
- http://de####language.net/index.php?me########
- http://ni###device.net/index.php?me########
- http://de####settle.net/index.php?me########
- http://ni####anguage.net/index.php?me########
- http://ag####tdevice.net/index.php?me########
- http://qu###basket.net/index.php?me########
- http://se####basket.net/index.php?me########
- http://qu####ontain.net/index.php?me########
- http://se####contain.net/index.php?me########
- http://ag####tlanguage.net/index.php?me########
- http://do####anguage.net/index.php?me########
- http://ag####tsettle.net/index.php?me########
- http://do###settle.net/index.php?me########
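DNS ASK entries (DNS lookups; one host resolving many names of this shape is a stronger detection signal than any single masked name):
- DNS ASK el####icsettle.net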
- DNS ASK re####language.net
- DNS ASK ca####nbefore.net
- DNS ASK re####settle.net
- DNS ASK el#####clanguage.net
- DNS ASK re####before.net
- DNS ASK el####icbefore.net
- DNS ASK re####device.net
- DNS ASK el####icdevice.net
- DNS ASK la###settle.net
- DNS ASK ca####nsettle.net
- DNS ASK ni###before.net
- DNS ASK de####before.net
- DNS ASK la####anguage.net
- DNS ASK ca####ndevice.net
- DNS ASK la###before.net
- DNS ASK ca####nlanguage.net
- DNS ASK la###device.net
- DNS ASK ga####language.net
- DNS ASK be####device.net
- DNS ASK ga####settle.net
- DNS ASK be####language.net
- DNS ASK ga####device.net
- DNS ASK fl###settle.net
- DNS ASK br###settle.net
- DNS ASK be####before.net
- DNS ASK ga####before.net
- DNS ASK st####language.net
- DNS ASK tr####anguage.net
- DNS ASK st####settle.net
- DNS ASK tr###settle.net
- DNS ASK st####device.net
- DNS ASK tr###before.net
- DNS ASK be####settle.net
- DNS ASK tr###device.net
- DNS ASK st####before.net
- DNS ASK br####ontain.net
- DNS ASK fl###basket.net
- DNS ASK br###became.net
- DNS ASK fl####ontain.net
- DNS ASK br###basket.net
- DNS ASK qu###became.net
- DNS ASK se####became.net
- DNS ASK qu####ndustry.net
- DNS ASK se####industry.net
- DNS ASK be####contain.net
- DNS ASK ga####contain.net
- DNS ASK be####became.net
- DNS ASK ga####became.net
- DNS ASK be####basket.net
- DNS ASK br####ndustry.net
- DNS ASK fl###became.net
- DNS ASK ga####basket.net
- DNS ASK fl####ndustry.net
- DNS ASK do###before.net
- DNS ASK ni###settle.net
- DNS ASK do###device.net
- DNS ASK ag####tbefore.net
- DNS ASK de####settle.net
- DNS ASK ni###device.net
- DNS ASK de####device.net
- DNS ASK ni####anguage.net
- DNS ASK de####language.net
- DNS ASK qu###basket.net
- DNS ASK se####basket.net
- DNS ASK qu####ontain.net
- DNS ASK se####contain.net
- DNS ASK ag####tsettle.net
- DNS ASK do####anguage.net
- DNS ASK ag####tdevice.net
- DNS ASK do###settle.net
- DNS ASK ag####tlanguage.net
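Window parameters, apparently from a window lookup (Shell_TrayWnd is the class name of the Windows taskbar window):
- ClassName: 'Shell_TrayWnd' WindowName: ''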