Technical Information
- <Drive name for removable media>:\explorer.vbs
- %TEMP%\Binder.exe
- %TEMP%\explorer.vbs
- %TEMP%\F21D2D5.jpg
- <Drive name for removable media>:\explorer.vbs
- %TEMP%\F21D2D5.jpg
- 'localhost':1036
- 'se#######m16g10.serveftp.com':80
- http://se#######m16g10.serveftp.com/im-azerty
- DNS ASK se#######m16g10.serveftp.com
- '%TEMP%\Binder.exe'
- '<SYSTEM32>\wscript.exe' "%TEMP%\explorer.vbs"
- '<SYSTEM32>\schtasks.exe' /Create /TN WindowsUpda2ta /xml %TEMP%\F21D2D5.jpg