Technical Information
- %APPDATA%\okle\gratspho
- %ALLUSERSPROFILE%\okle\gratspho
- %ProgramFiles(x86)%\panaxfutureqwminstall\panaxzfuture.exe
- %TEMP%\nsw9637.tmp
- %TEMP%\nsm9696.tmp\langdll.dll
- %APPDATA%\okle\gratspho
- %ALLUSERSPROFILE%\okle\gratspho
- 'th######resoftsolutions.com':443
- DNS ASK th######resoftsolutions.com
- '%ProgramFiles(x86)%\panaxfutureqwminstall\panaxzfuture.exe' 05536909880918 omKihzByle7wbp6+J0bhtfY3U5W8/kf1FGUJX+1H4nyCUTn9CZ44lhcwDuoehizsA864LbjLilpbEXzZAeNVUMSSzNpFcfOYTnJFSrEra54=
- '%WINDIR%\syswow64\cmd.exe' /d /c timeout 5 & cmd /d /c del /f /q "<Full path to file>"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /d /c timeout 5 & cmd /d /c del /f /q "<Full path to file>"
- '%WINDIR%\syswow64\timeout.exe' 5
- '%WINDIR%\syswow64\cmd.exe' /d /c del /f /q "<Full path to file>"