Technical Information
- '66##alm.com':80
- http://66##alm.com/54fbf4b9ffe8c98d/sqlite3.dll
- DNS ASK 66##alm.com
- '%WINDIR%\syswow64\cmd.exe' /c timeout /t 5 & del /f /q "<Full path to file>" & del "%ALLUSERSPROFILE%\*.dll"" & exit' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c timeout /t 5 & del /f /q "<Full path to file>" & del "%ALLUSERSPROFILE%\*.dll"" & exit
- '%WINDIR%\syswow64\timeout.exe' /t 5