Technical Information
- '%WINDIR%\explorer.exe' /c, %TEMP%\hdd2225.js
- %TEMP%\hdd2225.js
- 'no#######iu8r.4belwp2tgju5y.cf':443
- DNS ASK no#######iu8r.4belwp2tgju5y.cf
- '<SYSTEM32>\wscript.exe' "%TEMP%\hdd2225.js"
- '<SYSTEM32>\wscript.exe' "%TEMP%\hdd2225.js"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /S /D /c" sET/p eeeettt="%PPP:VAAA=%%777hhhh:UUI=/%" 0<nul 1>%TEMP%\hdd2225.js 2>&1"
- '<SYSTEM32>\cmd.exe' /S /D /c" CAll %VMM:OOOO=% %TEMP%\hdd2225.js 2>&1"
- '<SYSTEM32>\cmd.exe' /S /D /c" exiT"