Technical Information
- '' (downloaded from the Internet)
- %TEMP%\FDCPrx.zip
- %TEMP%\LPeuA.exe
- '14#.#6.180.164':80
- http://14#.#6.180.164/klono.rtf
- http://14#.#6.180.164/ovo.jpg
- '%TEMP%\LPeuA.exe' x FDCPrx.zip -pvim123456 -y
- '<SYSTEM32>\cmd.exe' /k c: & cd\ & cd %HOMEPATH%\Local Settings\Temp & LPeuA.exe x FDCPrx.zip -pvim123456 -y & exit