Technical Information
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\startup\abc.txt.exe
- %WINDIR%\temp\task.bat
- <Current directory>\1
- 'dr##box.com':443
- '12#.#23.123.123':80
- 'te####ature.world':80
- '31.#.62.214':80
- '19#.#47.6.253':80
- 'do####ad.easeus.com':80
- 'na########a.testcomunicamasa.com':443
- '18#.#32.53.119':80
- http://www.te####ature.world/static/apps/97.zip
- http://do####ad.easeus.com/free/toolsm.exe
- 'dr##box.com':443
- 'na########a.testcomunicamasa.com':443
- DNS ASK dr##box.com
- DNS ASK jl####ytdtjqys.in
- DNS ASK te####ature.world
- DNS ASK do####wsgawsgpo.in
- DNS ASK fa#####ischappstore.com
- DNS ASK xj##xjx.com
- DNS ASK cs####wq.kfesv.xyz
- DNS ASK do####ad.easeus.com
- DNS ASK na########a.testcomunicamasa.com
- '%WINDIR%\syswow64\cmd.exe' /c ipconfig /all && net view && SCHTASKS /CREATE /SC DAILY /TN "windows system task" /TR "%WINDIR%\temp\Task.bat" /ST 11:00
- '%WINDIR%\syswow64\ipconfig.exe' /all
- '%WINDIR%\syswow64\net.exe' view