Technical Information
- %TEMP%\is-c9g46.tmp\<File name>.tmp
- %TEMP%\is-he0ti.tmp\_isetup\_setup64.tmp
- %TEMP%\is-he0ti.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-he0ti.tmp\idp.dll
- %TEMP%\is-he0ti.tmp\1075474_ah_hot_iconçè_)))_.exe
- 're####ted404.com':80
- 'microsoft.com':80
- 'co###ctini.net':443
- DNS ASK re####ted404.com
- DNS ASK co###ctini.net
- DNS ASK microsoft.com
- '%TEMP%\is-c9g46.tmp\<File name>.tmp' /SL5="$B0230,506127,422400,<Full path to file>"
- '%TEMP%\is-he0ti.tmp\1075474_ah_hot_iconçè_)))_.exe' /S /UID=rec7
- '%TEMP%\is-he0ti.tmp\1075474_ah_hot_iconçè_)))_.exe' /S /UID=rec7' (with hidden window)