Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'SMELLF' = '%HOMEPATH%\prognostic\Pleasep.vbs'
- %WINDIR%\explorer.exe
- %WINDIR%\syswow64\wscript.exe
- pleasep.exe
- iexplore.exe
- iexplore.exe process, wininet.dll module
- %HOMEPATH%\prognostic\pleasep.exe
- %HOMEPATH%\prognostic\pleasep.vbs
- %HOMEPATH%\prognostic\pleasep.exe
- 'drive.google.com':443
- 'do#########ocs.googleusercontent.com':443
- DNS ASK drive.google.com
- DNS ASK do#########ocs.googleusercontent.com
- '%HOMEPATH%\prognostic\pleasep.exe'
- '%WINDIR%\syswow64\wscript.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%HOMEPATH%\prognostic\Pleasep.exe"