Technical Information
- '<SYSTEM32>\wscript.exe' %TEMP%\udJxu8q.js
- %TEMP%\udjxu8q.js
- nul
- http://0v#######6y.tumperfirg.monster/?8/
- DNS ASK 0v#######6y.tumperfirg.monster
- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p mbs6gt0="%NMV:ICFEP=%%29Lcv27:1JBSU=/%" 0<nul 1>%TEMP%\udJxu8q%yngb%s"
- '<SYSTEM32>\cmd.exe' /S /D /c" md \ |"
- '<SYSTEM32>\cmd.exe' /S /D /c" echo stArt <SYSTEM32>\wsCript.eXe %TEMP%\udJxu8q%yngb%s"
- '<SYSTEM32>\cmd.exe'