Technical Information
- '%WINDIR%\explorer.exe' /c, %TEMP%\Fcvjltd.jS
- %TEMP%\fcvjltd.js
- DNS ASK 0m#########7mjsh.c5ed8706b6584e.website
- '<SYSTEM32>\wscript.exe' "%TEMP%\Fcvjltd.Js"
- '<SYSTEM32>\wscript.exe' "%TEMP%\Fcvjltd.Js"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /S /D /c" sET/p ILivd7g="%XDW:CBEY=%%mxu8u4d:UFM=/%" 0<nul 1>%TEMP%\Fcvjltd.Js 2>&1"
- '<SYSTEM32>\cmd.exe' /S /D /c" CAll %HPE:QLCS=% %TEMP%\Fcvjltd.jS 2>&1"
- '<SYSTEM32>\cmd.exe' /S /D /c" exiT"