Technical Information
- '' (downloaded from the Internet)
- %TEMP%\contemp.exe
- %TEMP%\contemp.exe
- 'di####upload.site':80
- http://di####upload.site/PWD.jpg
- DNS ASK di####upload.site
- '%TEMP%\contemp.exe' all -oN
- '<SYSTEM32>\cmd.exe' /cEcho off & del /q %TEMP%\contemp.exe & Exit