Technical Information
- '%TEMP%\JdpUZvWVnlh.exe' x nXWleDiwTjjQCW.zip -pq1w2e3r4t5y6u7i8o9 -y
- '%TEMP%\JdpUZvWVnlh.exe' (downloaded from the Internet)
- '<SYSTEM32>\cmd.exe' /k c: & cd\ & cd %HOMEPATH%\Local Settings\Temp & JdpUZvWVnlh.exe x nXWleDiwTjjQCW.zip -pq1w2e3r4t5y6u7i8o9 -y & exit
- %TEMP%\nXWleDiwTjjQCW.zip
- %TEMP%\JdpUZvWVnlh.exe
- '5.##.160.144':80
- http://5.##.160.144/hbcct/y7639eh3s.txt
- http://5.##.160.144/hbcct/798asydcc.txt