Technical Information
- '' (downloaded from the Internet)
- %TEMP%\FRzZy.zip
- %TEMP%\AaEQjBKIuS.exe
- 'el#####tes132.com.br':80
- http://el#####tes132.com.br/gertrudes.txt
- http://el#####tes132.com.br/pr.jpg
- DNS ASK el#####tes132.com.br
- '%TEMP%\AaEQjBKIuS.exe' x FRzZy.zip -pA10203040 -y
- '<SYSTEM32>\cmd.exe' /k c: & cd\ & cd %HOMEPATH%\Local Settings\Temp & AaEQjBKIuS.exe x FRzZy.zip -pA10203040 -y & exit