Technical Information
- %TEMP%\suc11.05.2016kit.bat
- %TEMP%\h1uqgbwzy8a.exe
- http://te###obuz.com/876jh5g4g4
- DNS ASK te###obuz.com
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\suc11.05.2016kit.bat" "' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\suc11.05.2016kit.bat" "