Technical Information
- '%TEMP%\FlBiUJXxWMwrNseX.exe' x itjcnXjCzOt.zip -pq1w2e3r4t5y6u7i8o9 -y
- '%TEMP%\FlBiUJXxWMwrNseX.exe' (downloaded from the Internet)
- '<SYSTEM32>\cmd.exe' /k c: & cd\ & cd %HOMEPATH%\Local Settings\Temp & FlBiUJXxWMwrNseX.exe x itjcnXjCzOt.zip -pq1w2e3r4t5y6u7i8o9 -y & exit
- %TEMP%\itjcnXjCzOt.zip
- %TEMP%\FlBiUJXxWMwrNseX.exe
- 'at######nto-cadastro.com':80
- http://at######nto-cadastro.com/home/heicont.jpg
- http://at######nto-cadastro.com/home/jnsud.jpg
- DNS ASK at######nto-cadastro.com