Technical Information
- %APPDATA%\microsoft\windows\templates\boost_thread2.dll
- %HOMEPATH%\application data\microsoft\forms\excel.box
- %TEMP%\vbc113.tmp
- %TEMP%\vbc1d1.tmp
- %TEMP%\vbc1e4.tmp
- %TEMP%\vbc1f6.tmp
- %TEMP%\63c01000
- %TEMP%\doreal.xlsx.zip
- %TEMP%\oleobject1.bin
- %APPDATA%\microsoft\windows\templates\boost_thread2.dll
- %TEMP%\vbc102.tmp
- %TEMP%\vbc1d0.tmp
- %TEMP%\vbc1e3.tmp
- %TEMP%\vbc1f5.tmp
- from %TEMP%\vbc113.tmp to %TEMP%\vbc102.tmp
- from %TEMP%\vbc1d1.tmp to %TEMP%\vbc1d0.tmp
- from %TEMP%\vbc1e4.tmp to %TEMP%\vbc1e3.tmp
- from %TEMP%\vbc1f6.tmp to %TEMP%\vbc1f5.tmp
- from %TEMP%\63c01000 to %TEMP%\doreal.xlsx
- 'ne###corp.com':443
- DNS ASK ne###corp.com