Technical Information
- %TEMP%\b23b.tmp\b24b.tmp\b24c.bat
- '<LOCALNET>.1.209':8080
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\B23B.tmp\B24B.tmp\B24C.bat <Full path to file>" (with hidden window)
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\B23B.tmp\B24B.tmp\B24C.bat <Full path to file>"
- '<SYSTEM32>\cmd.exe' /c del "<Full path to file>"