Technical Information
- <SYSTEM32>\rundll32.exe
- %TEMP%\ixp000.tmp\dllloader.exe
- %TEMP%\ixp000.tmp\myfile.txt.enc
- %TEMP%\ixp000.tmp\sendkeys.vbs
- %TEMP%\ixp000.tmp\sendkeys.vbs
- %TEMP%\ixp000.tmp\myfile.txt.enc
- %TEMP%\ixp000.tmp\dllloader.exe
- '<SYSTEM32>\wscript.exe' "%TEMP%\IXP000.TMP\sendkeys.vbs"
- '%TEMP%\ixp000.tmp\dllloader.exe'
- '<SYSTEM32>\cmd.exe' /c start /wait sendkeys.vbs' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c start /wait sendkeys.vbs
- '<SYSTEM32>\rundll32.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "<SYSTEM32>\rundll32.exe"