Technical Information
- %TEMP%\20230925t200228_133.exe
- %TEMP%\20230925t200252_313.exe
- '20##########228_133.ltiapmyzmjxrvrts.info':80
- '20##########252_313.ltiapmyzmjxrvrts.info':80
- '20##########317_793.ltiapmyzmjxrvrts.info':80
- http://20##########228_133.ltiapmyzmjxrvrts.info/v4/20230925T200228_133.exe
- http://20##########252_313.ltiapmyzmjxrvrts.info/v4/20230925T200252_313.exe
- http://20##########317_793.ltiapmyzmjxrvrts.info/v4/20230925T200317_793.exe
- DNS ASK 20##########228_133.ltiapmyzmjxrvrts.info
- DNS ASK 20##########252_313.ltiapmyzmjxrvrts.info
- DNS ASK 20##########317_793.ltiapmyzmjxrvrts.info
- '%TEMP%\20230925t200228_133.exe'
- '%TEMP%\20230925t200252_313.exe'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230925T200228_133.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230925T200252_313.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230925T200317_793.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230925T200350_473.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230925T200418_216.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230925T200451_041.exe