Technical Information
- '' (downloaded from the Internet)
- C:\users\public\documents\1.zip
- C:\users\public\documents\8z.exe
- C:\users\public\documents\ziprun.lnk
- C:\users\public\documents\svchost.txt
- C:\users\public\documents\321.exe
- C:\users\public\documents\987.txt
- C:\users\public\documents\rundll322.exe
- %ALLUSERSPROFILE%\ini.ini
- '11#.#9.36.231':280
- '66##4.bid':1802
- http://11#.##.36.231:280/c.zip?=0 via 11#.#9.36.231
- http://11#.##.36.231:280/8z.exe via 11#.#9.36.231
- '66##4.bid':1802
- DNS ASK fu###ou3601.com
- DNS ASK 66##4.bid
- 'C:\users\public\documents\8z.exe' x C:\\Users\\Public\\Documents\\1.zip
- 'C:\users\public\documents\321.exe' -c
- 'C:\users\public\documents\321.exe'
- 'C:\users\public\documents\8z.exe' x C:\\Users\\Public\\Documents\\1.zip (with hidden window)
- 'C:\users\public\documents\321.exe' -c (with hidden window)
- 'C:\users\public\documents\321.exe' (with hidden window)