Technical Information
- '' (downloaded from the Internet)
- '<SYSTEM32>\taskkill.exe' /pid 664
- %APPDATA%\tempfile.exe
- %APPDATA%\services.exe
- <Current directory>\ttmmp.bat
- %APPDATA%\services.exe
- %APPDATA%\tempfile.exe
- <Full path to file>
- 'localhost':1038
- 'w3####ter.f3322.net':80
- http://w3####ter.f3322.net/services32.exe
- DNS ASK w3####ter.f3322.net
- ClassName: '' WindowName: ''
- '%APPDATA%\services.exe'
- '<SYSTEM32>\cmd.exe' /c taskkill /pid 664
- '<SYSTEM32>\cmd.exe' /c ""<Current directory>\ttmmp.bat" "