Technical Information
- %TEMP%\unie4d2.tmp.bat
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\UniE4D2.tmp.bat"" (with hidden window)
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "<Full path to file>"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\UniE4D2.tmp.bat""