Technical Information
- %TEMP%\<File name>.exe
- <Full path to file>_and deleteme.bat
- <Full path to file>_and deleteme.bat
- 'bk#####.e2.luyouxia.net':27797
- '<LOCALNET>.13.37':0
- DNS ASK bk#####.e2.luyouxia.net
- '%TEMP%\<File name>.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""<File name>.exe_And DeleteMe.bat""' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""<File name>.exe_And DeleteMe.bat""