Technical Information
- from %WINDIR%\microsoft.net\framework\v4.0.30319\installutil.exe to %TEMP%\tmpg116.tmp
- '2.##.57.220':80
- http://2.##.57.220/Ajfck_Hrrfctiy.png
- '%WINDIR%\syswow64\cmd.exe' /c timeout 35' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c timeout 35
- '%WINDIR%\syswow64\timeout.exe' 35
- '%WINDIR%\microsoft.net\framework\v4.0.30319\installutil.exe'