Technical Information
- %WINDIR%\syswow64\rundll32.exe
- 6177.exe
- %TEMP%\nsc5957.tmp
- %TEMP%\2243.exe
- %TEMP%\~310967.tmp
- %TEMP%\6177.exe
- %TEMP%\bm752f.tmp
- %TEMP%\2243.exe
- %TEMP%\6177.exe
- %TEMP%\~310967.tmp
- '20#.#6.232.49':80
- '%TEMP%\2243.exe'
- '%TEMP%\6177.exe'
- '%WINDIR%\syswow64\cmd.exe' /C SYSTEMINFO && SYSTEMINFO && SYSTEMINFO && SYSTEMINFO && SYSTEMINFO && DEL "%TEMP%\2243.exe"' (with hidden window)
- '%WINDIR%\syswow64\rundll32.exe' shell32.dll,Control_RunDLL
- '%WINDIR%\syswow64\cmd.exe' /C SYSTEMINFO && SYSTEMINFO && SYSTEMINFO && SYSTEMINFO && SYSTEMINFO && DEL "%TEMP%\2243.exe"
- '%WINDIR%\syswow64\systeminfo.exe'