Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\<File name>.exe.lnk
- C:\users\public\downloads\zwjjikcvr2fsxdvs65c8
- '10#.#72.79.5':80
- http://10#.#72.79.5/h51z7qpNe35DecAvOKdf/index.php?dC######################
- '<Full path to file>' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c > "C:\Users\Public\Downloads\G5nyyTmTDfo57tz2s7nj" && exit