Technical Information
- %TEMP%\f711e8b24cc16167d5b84d028a8c3d0c.exe
- %TEMP%\7fa3c0ee84cbfae03a4b56d9ca398267.vbs
- %TEMP%\f711e8b24cc16167d5b84d028a8c3d0c.exe
- %TEMP%\7fa3c0ee84cbfae03a4b56d9ca398267.vbs
- <Full path to file>
- 'ge##ekt.xyz':80
- http://ge##ekt.xyz/api/update.php
- DNS ASK ge##ekt.xyz
- '%WINDIR%\syswow64\wscript.exe' "%TEMP%\7FA3C0EE84CBFAE03A4B56D9CA398267.vbs"