Technical Information
- https://www63.zippyshare.com/d/ki3odfqk/34563/server.exe as %temp%\example.exe
- %TEMP%\253.tmp\ozkbpcsn.bat
- %TEMP%\example.exe
- %TEMP%\253.tmp\ozkbpcsn.bat
- 'ww###.#ippyshare.com':443
- DNS ASK ww###.#ippyshare.com
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\253.tmp\OzKBpcSN.bat" "<Full path to file>""' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\253.tmp\OzKBpcSN.bat" "<Full path to file>""