Technical Information
- '%WINDIR%\explorer.exe' /c, %TEMP%\mikdLqx.jS
- %TEMP%\mikdlqx.js
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK mi###umbra.net
- DNS ASK microsoft.com
- '<SYSTEM32>\wscript.exe' "%TEMP%\mikdLqx.Js"
- '<SYSTEM32>\wscript.exe' "%TEMP%\mikdLqx.Js"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /S /D /c" sET/p hq3ILqm="%AYV:NSTR=%%vj27q3I:SFD=/%" 0<nul 1>%TEMP%\mikdLqx.Js 2>&1"
- '<SYSTEM32>\cmd.exe' /S /D /c" CAll %IOM:KQPY=% %TEMP%\mikdLqx.jS 2>&1"
- '<SYSTEM32>\cmd.exe' /S /D /c" exiT"