Technical Information
- '%TEMP%\bbkTMnnOjUBnxo.exe' x gUffJNWHZaKtPT.zip -ptx141618AAB@ -y
- '%TEMP%\bbkTMnnOjUBnxo.exe' (downloaded from the Internet)
- '<SYSTEM32>\cmd.exe' /k c: & cd\ & cd %HOMEPATH%\Local Settings\Temp & bbkTMnnOjUBnxo.exe x gUffJNWHZaKtPT.zip -ptx141618AAB@ -y & exit
- %TEMP%\gUffJNWHZaKtPT.zip
- %TEMP%\bbkTMnnOjUBnxo.exe
- 'el#####tes132.com.br':80
- http://el#####tes132.com.br/erilidio2/dp9dt7n.txt
- http://el#####tes132.com.br/cascavel/pr.jpg
- DNS ASK el#####tes132.com.br
- ClassName: 'MS_WINHELP' WindowName: ''