Technical Information
- %APPDATA%\okle\gratspho
- %ALLUSERSPROFILE%\okle\gratspho
- %ProgramFiles(x86)%\dantefutureuyiinstall\dantejfuture.exe
- %TEMP%\nsx55e.tmp
- %TEMP%\nsr5db.tmp\langdll.dll
- %APPDATA%\okle\gratspho
- %ALLUSERSPROFILE%\okle\gratspho
- 'to####terapp.com':443
- DNS ASK to####terapp.com
- '%ProgramFiles(x86)%\dantefutureuyiinstall\dantejfuture.exe' 63688494771618 JMMXzlmomjyWpyrAvfCjqhrZXzdvzgPg0+2Uo6016+sMwP87RSS7qseqlOS33SLi3LG4qSWwTPsp5En9KjiZCi4UwjzR94gPQi9Mt+DVGYY=
- '%WINDIR%\syswow64\cmd.exe' /d /c timeout 5 & cmd /d /c del /f /q "<Full path to file>"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /d /c timeout 5 & cmd /d /c del /f /q "<Full path to file>"
- '%WINDIR%\syswow64\timeout.exe' 5
- '%WINDIR%\syswow64\cmd.exe' /d /c del /f /q "<Full path to file>"