Technical Information
- %APPDATA%\okle\gratspho
- %ALLUSERSPROFILE%\okle\gratspho
- %ProgramFiles(x86)%\tellimahorizonajbinstall\tellimaihorizon.exe
- %TEMP%\nsxd846.tmp
- %TEMP%\nsrd875.tmp\langdll.dll
- %APPDATA%\okle\gratspho
- %ALLUSERSPROFILE%\okle\gratspho
- 'th######resoftsolutions.com':443
- DNS ASK th######resoftsolutions.com
- '%ProgramFiles(x86)%\tellimahorizonajbinstall\tellimaihorizon.exe' 83257180671911 ql0wv10la55adZpaewcJByKdgv/g527jUruwL9N85Tn6H5cgjoEiqcpRzfybKjYbMXgNAO6Fb1QCC1X0huuDIfyxWYpAzKElTbT2LV3XRvc=
- '%WINDIR%\syswow64\cmd.exe' /d /c timeout 5 & cmd /d /c del /f /q "<Full path to file>"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /d /c timeout 5 & cmd /d /c del /f /q "<Full path to file>"
- '%WINDIR%\syswow64\timeout.exe' 5
- '%WINDIR%\syswow64\cmd.exe' /d /c del /f /q "<Full path to file>"