Technical Information
- '%TEMP%\4axx1l10r.exe'
- nul
- %TEMP%\4axx1l10r.exe
- '10#.#15.102.211':443
- http://10#.41.2.23/w133709.txt?nu#####
- '<SYSTEM32>\cmd.exe' /c defrag /?>nul 2>nul' (with hidden window)
- '%TEMP%\4axx1l10r.exe' ' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c defrag /?>nul 2>nul
- '<SYSTEM32>\defrag.exe' /?