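Technical Information
The category headings of the original report are missing here, so the entries below (process commands, file paths under %TEMP%, network endpoints) run together as one flat list. The repeated %TEMP%\7ZipSfx.000\ paths presumably come from two different file-activity categories; which ones cannot be told from this page.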
- '<SYSTEM32>\taskkill.exe' /f /im rundll32.exe
- %TEMP%\7ZipSfx.000\TLCJz.cmd
- %TEMP%\7ZipSfx.000\MkeEG.dll.zip
- %TEMP%\7ZipSfx.000\7za.dll
- %TEMP%\7ZipSfx.000\7za.exe
- %TEMP%\7ZipSfx.000\7zxa.dll
- %TEMP%\7ZipSfx.000\MkeEG.dll
- %TEMP%\7ZSfx000.cmd
- %TEMP%\7ZipSfx.000\7za.dll
- %TEMP%\7ZipSfx.000\7za.exe
- %TEMP%\7ZipSfx.000\7zxa.dll
- %TEMP%\7ZipSfx.000\MkeEG.dll
- %TEMP%\7ZipSfx.000\MkeEG.dll.zip
- %TEMP%\7ZipSfx.000\TLCJz.cmd
- <Full path to file>
- 'ad###ck.co.in':80
- http://ad###ck.co.in/YMnU0O
- DNS query (ASK): ad###ck.co.in
- ClassName: '' WindowName: ''
- '%TEMP%\7ZipSfx.000\7za.exe' x -r -pafibpvytghjqltnyfhecb "%TEMP%\7ZipSfx.000\MkeEG.dll.zip" -o"%TEMP%\7ZipSfx.000"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\TLCJz.cmd" "
- '<SYSTEM32>\rundll32.exe' "MkeEG.dll",ou34
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 20 /tn "KMSAutoNet Update" /tr "<SYSTEM32>\rundll32.exe "<LS_APPDATA>\Microsoft\Windows\Caches\MkeEG.dll",ou34" /f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZSfx000.cmd" "