Technical Information
- %TEMP%\nbvxcg.exe
- %TEMP%\content\3620-2916-wscript.exe-19-50-00-862.dump
- 'ra####llasia.com':443
- http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?95##############
- 'ra####llasia.com':443
- DNS ASK ra####llasia.com
- ClassName: 'OleMainThreadWndClass' WindowName: ''