Technical Information
- '' (downloaded from the Internet)
- %TEMP%\IbiMflTKFfqRneIDQ.zip
- %TEMP%\HDvK.exe
- 'pe####snaafrica.ml':80
- http://pe####snaafrica.ml/mod/viagemmexico.jpg
- http://pe####snaafrica.ml/mod/cachorra.jpg
- DNS ASK pe####snaafrica.ml
- '%TEMP%\HDvK.exe' x IbiMflTKFfqRneIDQ.zip -pq1w2e3r4t5y6u7i8o9 -y
- '<SYSTEM32>\cmd.exe' /k c: & cd\ & cd %HOMEPATH%\Local Settings\Temp & HDvK.exe x IbiMflTKFfqRneIDQ.zip -pq1w2e3r4t5y6u7i8o9 -y & exit