Technical Information
- 'ra####ddixon.icu':80
- http://ra####ddixon.icu/f059ec3d7eb90876/sqlite3.dll
- DNS ASK ra####ddixon.icu
- '%WINDIR%\syswow64\cmd.exe' /c timeout /t 5 & del /f /q "<Full path to file>" & del "%ALLUSERSPROFILE%\*.dll"" & exit' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c timeout /t 5 & del /f /q "<Full path to file>" & del "%ALLUSERSPROFILE%\*.dll"" & exit
- '%WINDIR%\syswow64\timeout.exe' /t 5