Technical Information
- %TEMP%\jus1.tmp
- %WINDIR%\tmp4298.tmp
- %CommonProgramFiles%\ODBC\ODBC0\ibjlgiycgu.onezd
- %TEMP%\jus1.tmp
- <Full path to file>
- from %WINDIR%\tmp4298.tmp to %WINDIR%\imejpknl.dll
- '<SYSTEM32>\extrac32.exe' %TEMP%\jus1.tmp /L "%WINDIR%\"
- '<SYSTEM32>\cmd.exe' /c ping 0.0.0.0 -n 1 & del "<Full path to file>"
- '<SYSTEM32>\ping.exe' 0.0.0.0 -n 1