Technical Information
- %TEMP%\<File name>.exe
- <Full path to file>_and deleteme.bat
- <Full path to file>_and deleteme.bat
- '27#######6as.e2.luyouxia.net':33548
- '<LOCALNET>.69.13':0
- DNS ASK 27#######6as.e2.luyouxia.net
- '%TEMP%\<File name>.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""<File name>.exe_And DeleteMe.bat""' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""<File name>.exe_And DeleteMe.bat""