Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\TyUdtnSloA.lnk
- %TEMP%\6zw243z.zip
- %APPDATA%\urso.urso
- %TEMP%\6zw243z.zip
- 're#####idencial.info':80
- http://re#####idencial.info/XsM_uS4/6zw243z.zip
- DNS ASK re#####idencial.info
- '<SYSTEM32>\cmd.exe' /k cd C:\SEdXkQnEaQ\NuGDTtXTIwGhTswTj\sdooAbbxkayrxFmdpLw\CIKONcPKSxBRAGPlXFTV\jlOcKSLWjIFcuMEkyMQmnPBQLrzLmY\ggokUgvxtqQOHlDEBtfNhDyRxKTDekNhGAJuRQwc\\TyUdtnSloA\ && start TyUdtnSloA.exe /Auto...