Technical Information
- %TEMP%\hxwmyh.exe
- %TEMP%\wdpgww.bat
- %TEMP%\lnubctz.bat
- %TEMP%\uomblhgw.bat
- from %TEMP%\wdpgww.bat to %TEMP%\uomblhgw.bat
- DNS ASK 10##u.info
- '%TEMP%\hxwmyh.exe'
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\lnubctz.bat' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\lnubctz.bat
- '%WINDIR%\syswow64\ping.exe' 127.0.0.1