Technical Information
- '%TEMP%\TsZHOe.exe' (downloaded from the Internet)
- '<SYSTEM32>\ping.exe' -n 5 -w 1000 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c ""<Current directory>\1.bat" "
- '%TEMP%\TsZHOe.exe'
- <Current directory>\1.bat
- %TEMP%\TsZHOe.exe
- <Current directory>\1.bat
- %TEMP%\TsZHOe.exe
- 'gr#####.altervista.org':80
- 'localhost':1036
- http://gr#####.altervista.org/img/inc/a2
- DNS ASK gr#####.altervista.org