Technical Information
- %TEMP%\80cada97e94fb12980211c61bddc73fa.exe
- %TEMP%\e92e70bbac5d5ea73eea69acd72c4d57.vbs
- %TEMP%\80cada97e94fb12980211c61bddc73fa.exe
- %TEMP%\e92e70bbac5d5ea73eea69acd72c4d57.vbs
- <Full path to file>
- 'ge##ekt.xyz':80
- http://ge##ekt.xyz/api/update.php
- DNS ASK ge##ekt.xyz
- '%WINDIR%\syswow64\wscript.exe' "%TEMP%\E92E70BBAC5D5EA73EEA69ACD72C4D57.vbs"