Technical Information
- %LOCALAPPDATA%low\fraqbc8ws-shm
- %LOCALAPPDATA%low\6qalc9itf-shm
- %LOCALAPPDATA%low\fraqbc8ws-shm
- %LOCALAPPDATA%low\6qalc9itf-shm
- 'tt##tt.me':443
- '34.#8.52.57':80
- http://34.#8.52.57//l/f/2ktOpHkBuI_ccNKoruCm/5bd1766938655439fc11f4d3392db0246ce527c0
- http://34.#8.52.57/
- 'tt##tt.me':443
- DNS ASK tt##tt.me
- '%WINDIR%\syswow64\cmd.exe' /C timeout /T 10 /NOBREAK > Nul & Del /f /q "<Full path to file>"
- '%WINDIR%\syswow64\timeout.exe' /T 10 /NOBREAK