Technical Information
- %TEMP%\b4e715bcfb713a30d7e2a55b6b74d55a.exe
- %TEMP%\83565b0ee9e8915cf0f780e6e0032e68.vbs
- %TEMP%\b4e715bcfb713a30d7e2a55b6b74d55a.exe
- %TEMP%\83565b0ee9e8915cf0f780e6e0032e68.vbs
- <Full path to file>
- 'ge##ekt.xyz':80
- http://ge##ekt.xyz/api/update.php
- DNS ASK ge##ekt.xyz
- '%WINDIR%\syswow64\wscript.exe' "%TEMP%\83565B0EE9E8915CF0F780E6E0032E68.vbs"