Technical Information
- %HOMEPATH%\appdata\local\temp\foldern\name.exe.lnk
- %TEMP%\svhost.exe
- from <Full path to file> to %HOMEPATH%\appdata\local\temp\melt.txt
- '<SYSTEM32>\cmd.exe' /c echo [zoneTransfer]ZoneID = 2 > %temp%\FolderN\name.exe:Zone.Identifier' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c ren "%temp%\FolderN\name.exe.jpg" name.exe' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c echo [zoneTransfer]ZoneID = 2 > %temp%\FolderN\name.exe:Zone.Identifier
- '<SYSTEM32>\cmd.exe' /c ren "%temp%\FolderN\name.exe.jpg" name.exe