Technical Information
- '' (downloaded from the Internet)
- '%APPDATA%\poiuytrewasdfghjkl.exe'
- %APPDATA%\poiuytrewasdfghjkl.exe
- http://co######niversityblog.com/docxx/ik/admin.exe
- http://19#.#39.147.103/base/715BDBD15B22AC3E0204FB22E8387DAA.html
- http://19#.#39.147.103/base/C402B5F53B0EE6E125EDBD0F8F9B2DDF.html
- http://19#.#39.147.103/base/4618307D61EEB6933334A81C41C65C46.html
- http://19#.#39.147.103/base/4EB58883154573138C7C3460936A9C8D.html
- DNS ASK co######niversityblog.com
- '%CommonProgramFiles%\microsoft shared\equation\eqnedt32.exe' -Embedding