Technical Information
- https://www.up##ad.ee/download/5940874/34d8cc116d6210010d54/server.exe as %temp%\update.exe
- %TEMP%\9d50.tmp\9d51.bat
- %TEMP%\9d50.tmp\9d51.bat
- 'up##ad.ee':443
- DNS ASK up##ad.ee
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\9D50.tmp\9D51.bat <Full path to file>"