Technical Information
- '' (downloaded from the Internet)
- %TEMP%\hddo.bat
- %TEMP%\enln.exe
- <Full path to file>
- 'su#####everybody.com':80
- http://su#####everybody.com/notepad.exe
- DNS ASK su#####everybody.com
- '%TEMP%\enln.exe'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\hddo.bat "<Full path to file>"