Technical Information
- '<SYSTEM32>\attrib.exe' -r -s -h <Virus name>.exe
- '<SYSTEM32>\cmd.exe' /c ""<Current directory>\FlrRgg6T.bat" <Virus name>.exe"
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\wbem\wmiprvse.exe
- <SYSTEM32>\cscript.exe
- <SYSTEM32>\cmd.exe
- <SYSTEM32>\svchost.exe
- <Current directory>\FlrRgg6T.bat
- %WINDIR%\ijjdw.fjy
- %WINDIR%\ijjdw.fjy
- '71.##4.46.94':35618
- '27.##.121.253':35618
- '72.##8.216.163':35618
- '75.##0.43.90':35618
- '18#.#37.150.175':35618
- '98.##4.154.196':35618
- '18#.#9.17.14':35618
- '80.##.236.46':35618
- '84.##9.80.14':35618
- DNS ASK google.com
- DNS ASK microsoft.com
- ClassName: 'Shell_TrayWnd' WindowName: ''