Technical Information
- %TEMP%\kuahyvgdwcymwdfrarekqnpat44.exe
- %APPDATA%\microsoft\windows\start menu\programs\firefox\firefox.ex.exe
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\run.dat
- 'bm#.##mpbanten.id':80
- 'gr####an.hopto.org':9070
- 'localhost':9070
- http://bm#.##mpbanten.id/zen/Alwsqmc_Ztrhsicf.jpg
- DNS ASK bm#.##mpbanten.id
- DNS ASK gr####an.hopto.org
- '%TEMP%\kuahyvgdwcymwdfrarekqnpat44.exe'
- '%WINDIR%\syswow64\cmd.exe' /c timeout 10' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c timeout 10
- '%WINDIR%\syswow64\timeout.exe' 10