Technical Information
- '<SYSTEM32>\wscript.exe' %TEMP%\ju0WJmm.js
- %TEMP%\ju0wjmm.js
- nul
- http://eu########r.nfesystem01x33.monster/?02#
- DNS ASK eu########r.nfesystem01x33.monster
- DNS ASK cl###flare.com
- '<SYSTEM32>\cmd.exe' /S /D /c" sEt/p cvjfhq6="%RXH:IWUIY=%%vif8q3d:1RJIT=/%" 0<nul 1>%TEMP%\ju0WJmm%ypyy%s"
- '<SYSTEM32>\cmd.exe' /S /D /c" md \ |"
- '<SYSTEM32>\cmd.exe' /S /D /c" echo stArt <SYSTEM32>\wsCript.eXe %TEMP%\ju0WJmm%ypyy%s"
- '<SYSTEM32>\cmd.exe'