Technical Information
- C:\000.bat
- C:\001.ini
- from <Full path to file> to <PATH_SAMPLE>╕╜╩⌠┬δГє║gwgsu-.exe
- http://do##.9udn.com/lolgx.txt
- DNS ASK do##.9udn.com
- '%WINDIR%\syswow64\cmd.exe' /c C:\000.BAT' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c C:\000.BAT