Technical Information
- <SYSTEM32>\tasks\qzpcxfbyb2dyyw1ey
- '' (downloaded from the Internet)
- %ALLUSERSPROFILE%\1.exe
- %ALLUSERSPROFILE%\quickscreenshot\20230905\20230905134625.jpg
- %ALLUSERSPROFILE%\quickscreenshot\20230905\20230905134725.jpg
- <SYSTEM32>\tasks\qzpcxfbyb2dyyw1ey
- '10#.#43.249.203':80
- '8.##7.23.60':8888
- http://10#.#43.249.203/1.exe
- '8.##7.23.60':8888
- '%ALLUSERSPROFILE%\1.exe'
- '%WINDIR%\syswow64\cmd.exe' /c start 1.exe