Technical Information
- %TEMP%\20230913t032849_901.exe
- %TEMP%\20230913t032927_041.exe
- %TEMP%\20230913t032950_771.exe
- '20##########849_901.ltiapmyzmjxrvrts.info':80
- '20##########927_041.ltiapmyzmjxrvrts.info':80
- '20##########950_771.ltiapmyzmjxrvrts.info':80
- '20##########014_524.ltiapmyzmjxrvrts.info':80
- http://20##########849_901.ltiapmyzmjxrvrts.info/v4/20230913T032849_901.exe
- http://20##########927_041.ltiapmyzmjxrvrts.info/v4/20230913T032927_041.exe
- http://20##########950_771.ltiapmyzmjxrvrts.info/v4/20230913T032950_771.exe
- http://20##########014_524.ltiapmyzmjxrvrts.info/v4/20230913T033014_524.exe
- DNS ASK 20##########849_901.ltiapmyzmjxrvrts.info
- DNS ASK 20##########927_041.ltiapmyzmjxrvrts.info
- DNS ASK 20##########950_771.ltiapmyzmjxrvrts.info
- DNS ASK 20##########014_524.ltiapmyzmjxrvrts.info
- '%TEMP%\20230913t032849_901.exe'
- '%TEMP%\20230913t032927_041.exe'
- '%TEMP%\20230913t032950_771.exe'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230913T032849_901.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230913T032927_041.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230913T032950_771.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\20230913T033014_524.exe