Technical Information
- <SYSTEM32>\putty.vbs
- <SYSTEM32>\putty.vbs
- 'ww###.#ippyshare.com':443
- DNS ASK ww###.#ippyshare.com
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Remove-Item "<SYSTEM32>\putty.vbs" -Stream Zone.Identifier
- '<SYSTEM32>\wscript.exe' "<SYSTEM32>\putty.vbs"
- '<SYSTEM32>\attrib.exe' +H <SYSTEM32>\putty.vbs' (with hidden window)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Remove-Item "<SYSTEM32>\putty.vbs" -Stream Zone.Identifier' (with hidden window)
- '<SYSTEM32>\wscript.exe' "<SYSTEM32>\putty.vbs"' (with hidden window)
- '<SYSTEM32>\attrib.exe' +H <SYSTEM32>\putty.vbs