Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\dllhost7.exe
- http://pa###bin.com/raw/vU7kMDx6
- DNS ASK pa###bin.com
- DNS ASK dr##box.com
- DNS ASK uc#############8e07c4fa14886.dl.dropboxusercontent.com
- '<SYSTEM32>\cmd.exe' /C ping 1.1.1.1 -n 1 -w 1 Nul & Del "<Full path to file>' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C ping 1.1.1.1 -n 1 -w 1 Nul & Del "<Full path to file>
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 1 Nul