Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '6e7333cc52ff255d5e874645ce6e2377' = '"%TEMP%\4uwer.exe" ..'
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] '6e7333cc52ff255d5e874645ce6e2377' = '"%TEMP%\4uwer.exe" ..'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\4uwer.exe" "4uwer.exe" ENABLE
- %TEMP%\minecraftinstalleer.exe
- %TEMP%\minecraftinstaller.msi
- %TEMP%\4uwer.exe
- http://pa###bin.com/raw/58Ry5VFk
- DNS ASK pa###bin.com
- DNS ASK ig####ay.ddns.net
- '%TEMP%\minecraftinstalleer.exe'
- '%TEMP%\4uwer.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\4uwer.exe" "4uwer.exe" ENABLE' (with hidden window)
- '%WINDIR%\syswow64\msiexec.exe' /i "%TEMP%\MinecraftInstaller.msi"