Technical Information
- http://ku##iti.co/files/6/woko3m4ak7kbjx/windows 8.exe as %appdata%\example.exe
- %TEMP%\26b2.tmp\ats by laito.bat
- %TEMP%\26b2.tmp\ats by laito.bat
- DNS ASK ku##iti.co
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\26B2.tmp\ats by laito.bat" "<Full path to file>""' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\26B2.tmp\ats by laito.bat" "<Full path to file>""