Technical Information
- %TEMP%\setm.dll
- <Current directory>\_deleteme.bat
- %TEMP%\setm.dll
- http://do##.#230578.com/checks.7z
- DNS ASK do##.#230578.com
- '%WINDIR%\syswow64\cmd.exe' /c <Current directory>\_deleteme.bat' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c <Current directory>\_deleteme.bat