Technical Information
- %TEMP%\114392195462544572243.tmp-shm
- %TEMP%\114392195462544572243.tmp-shm
- http://www.or###uuts.com/upload/error.php
- DNS ASK or###uuts.com
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\timeout.exe 3 & del "<File name>.exe"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\timeout.exe 3 & del "<File name>.exe"
- '%WINDIR%\syswow64\timeout.exe' 3