Technical Information
Malicious functions:
Creates and executes the following:
- '%TEMP%\tmp1.exe' "<Full path to file>"
Executes the following:
- '%TEMP%\tmp1.exe' "<Full path to file>"
- '<SYSTEM32>\ping.exe' 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c ping 127.0.0.1 >> nul
Modifies file system:
Creates the following files:
- %TEMP%\tmp1.exe
Deletes itself.