Technical Information
- C:\del.bat
- %TEMP%\delay.vbs
- %TEMP%\delay.vbs
- http://www.33##.org/dyndns/getip
- DNS ASK ap#.##legram.org
- DNS ASK 33##.org
- '%WINDIR%\syswow64\wscript.exe' "%TEMP%\delay.vbs"
- '%WINDIR%\syswow64\cmd.exe' /c c:\Del.bat' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c c:\Del.bat