Technical Information
- <Current directory>\2020.11.¸öèë×êáïµµ°¸.docx
- <Current directory>\30de7lq.jpg
- %TEMP%\_ns.bat
- <Current directory>\30de7lq.jpg
- http://no######.##s-cn-chengdu.aliyuncs.com/580763584917.bmp
- DNS ASK no######.##s-cn-chengdu.aliyuncs.com
- ClassName: 'ConsoleWindowClass' WindowName: ''
- '<Current directory>\30de7lq.jpg' Chromeupdate
- '<SYSTEM32>\cmd.exe' /c attrib 30de7lQ.jpg +s +h' (with hidden window)
- '<Current directory>\30de7lq.jpg' Chromeupdate' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\_ns.bat" "' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c attrib 30de7lQ.jpg +s +h
- '<SYSTEM32>\attrib.exe' 30de7lQ.jpg +s +h
- '%ProgramFiles%\microsoft office\office14\winword.exe' /n "<Current directory>\2020.11.¸öÈË×ÊÁϵµ°¸.docx"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\_ns.bat" "