Technical Information
- '' (downloaded from the Internet)
- '%APPDATA%\kdot1632.exe'
- %APPDATA%\kdot1632.exe
- 'ca##inz.gq':80
- DNS ASK ca##inz.gq
- '<SYSTEM32>\cmd.exe' /c timeout 1' (with hidden window)
- '%CommonProgramFiles%\microsoft shared\equation\eqnedt32.exe' -Embedding
- '<SYSTEM32>\cmd.exe' /c timeout 1