Technical Information
- drainage.pif
- %TEMP%\nsv7d9e.tmp
- %TEMP%\barriers.hopp
- %TEMP%\insulin.hopp
- %TEMP%\refer.hopp
- %TEMP%\videos.hopp
- %TEMP%\double.hopp
- %TEMP%\wednesday.hopp
- %TEMP%\becomes.hopp
- %TEMP%\nse886c.tmp\nsexec.dll
- %TEMP%\prophet
- %TEMP%\antonio
- %TEMP%\sacred
- %TEMP%\cathedral
- %TEMP%\somehow
- %TEMP%\september
- %TEMP%\commissioners
- %TEMP%\childhood
- %TEMP%\packard
- %TEMP%\myanmar
- %TEMP%\unfortunately
- %TEMP%\identified
- %TEMP%\automatically
- %TEMP%\447742\drainage.pif
- %TEMP%\447742\b
- DNS ASK pu#####YmGY.puTsQSRYmGY
- ClassName: '#32770' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- '%TEMP%\447742\drainage.pif' B
- '%TEMP%\447742\drainage.pif'
- '%WINDIR%\syswow64\cmd.exe' /c cmd < Insulin.hopp
- '%WINDIR%\syswow64\cmd.exe'
- '%WINDIR%\syswow64\tasklist.exe'
- '%WINDIR%\syswow64\findstr.exe' "SophosHealth nsWscSvc ekrn bdservicehost AvastUI AVGUI & if not errorlevel 1 Set rtvxRmFrNAvBuxfrXsO=AutoIt3.exe & Set IhfiZAaPORtvhmnbRxCHRalupsOpVvHvZbxtuIg=.a3x & Set iniIZOPYbracPhQaxzYsA...
- '%WINDIR%\syswow64\extrac32.exe' /Y Refer.hopp *.*
- '%WINDIR%\syswow64\findstr.exe' /V "Penis" Antonio
- '%WINDIR%\syswow64\waitfor.exe' /T 5 iniIZOPYbracPhQaxzYsAPKXMDiaZ
- '%WINDIR%\syswow64\cmd.exe' /c cmd < Insulin.hopp' (with hidden window)