Technical Information
- %TEMP%\ctp..bat
- http://pa##am.com/angrybeavers.php?in##############################################################################################################
- DNS ASK yandex.ru
- DNS ASK 16#.com
- DNS ASK my###ble.com
- DNS ASK pa##am.com
- DNS ASK th###nte.com
- '%WINDIR%\syswow64\cmd.exe' /q /c "%TEMP%\Ctp..bat" > nul 2> nul' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /q /c "%TEMP%\Ctp..bat" > nul 2> nul