Technical Information
- %TEMP%\is-4or6l.tmp\<File name>.tmp
- %TEMP%\is-o5acr.tmp\_isetup\_setup64.tmp
- %TEMP%\is-o5acr.tmp\eukfyj.exe
- %TEMP%\is-o5acr.tmp\fwl.zip
- %TEMP%\is-o5acr.tmp\jodwscp.exe
- 'yo###nparty.com':80
- 'fi##-5.ru':80
- http://yo###nparty.com/v2/events
- '%TEMP%\is-4or6l.tmp\<File name>.tmp' /SL5="$802BE,2747072,121344,<Full path to file>"
- '%TEMP%\is-o5acr.tmp\eukfyj.exe' -P AjbVSqQ "FwL.zip"
- '%TEMP%\is-o5acr.tmp\jodwscp.exe' 1e00d65096aa5d19ed00f2f1fc1241a1
- '%TEMP%\is-o5acr.tmp\eukfyj.exe' -P AjbVSqQ "FwL.zip"' (with hidden window)