Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\veluvidotevilofirodibalezamituma.lnk
- %TEMP%\uXuBMoy.zip
- %APPDATA%\file.ok
- 'pr####osbrasil.info':80
- http://www.pr####osbrasil.info/04-05-2018unip/aprovados/ead/uXuBMoy.zip via pr####osbrasil.info
- DNS ASK www.pr####osbrasil.info
- '<SYSTEM32>\cmd.exe' /k cd C:\\veluvidotevilofirodibalezamituma\ && start veluvidotevilofirodibalezamituma.exe && exit