Technical Information
- %TEMP%\rad61ae9.tmp
- 'at####rcanopee.com':80
- http://at####rcanopee.com/templates/ateliercanopee/js/1c.jpg
- DNS ASK xn#####aalyp1d.xn--p1ai
- DNS ASK at####rcanopee.com
- '<SYSTEM32>\cmd.exe' /c %TEMP%\rad61AE9.tmp (with hidden window)
- '<SYSTEM32>\cmd.exe' /c %TEMP%\rad61AE9.tmp
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shell32.dll,OpenAs_RunDLL %TEMP%\rad61AE9.tmp