Technical Information
- <Current directory>\unofe5csvx5jae1s.exe
- nul
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020102120201022\index.dat
- http://51.##.33.155/waveexec/WaveExec2.exe
- http://51.##.33.155/waveexec/version.php
- http://oc##.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D
- DNS ASK di##ord.gg
- DNS ASK microsoft.com
- DNS ASK di##ord.com
- DNS ASK oc##.thawte.com
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '<Current directory>\unofe5csvx5jae1s.exe' -startexec
- '<SYSTEM32>\cmd.exe' /C ping 1.1.1.1 -n 1 -w 3000 > Nul & Del /f /q "<Full path to file>"
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 3000
- '<SYSTEM32>\cmd.exe' /c START https://discord.gg/W7JeeEs