Technical Information
- %APPDATA%\dodlog.bat
- %APPDATA%\msocache\iloveyou.txt
- %APPDATA%\dodlog.bat
- from <Full path to file> to %APPDATA%\msocache\googleupdete.exe
- 'ap#.#yip.com':443
- 'microsoft.com':80
- 'localhost':8080
- 'oc##.#tartssl.com':80
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://oc##.#tartssl.com/sub/class2/code/ca/MEMwQTA%2FMD0wOzAJBgUrDgMCGgUABBQSOgrhRCSnWfKxoWTjWxhk8hga9AQU0E4PQJlsuEsZbzsouODjiAc0qrcCAhAV
- 'ap#.#yip.com':443
- DNS ASK ap#.#yip.com
- DNS ASK microsoft.com
- DNS ASK oc##.#tartssl.com
- '%WINDIR%\syswow64\cmd.exe' /c ""%APPDATA%\DoDLog.bat" "' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""%APPDATA%\DoDLog.bat" "
- '%WINDIR%\syswow64\chcp.com' 1251
- '%WINDIR%\syswow64\attrib.exe' +H +S /D "%APPDATA%\MSOCache\"