Technical Information
- %WINDIR%\explorer.exe
- 'xn#.xyz':80
- 'vo#####allengeva.com':80
- 'fa#####llyforward.today':80
- DNS ASK xn#.xyz
- DNS ASK lu###n.party
- DNS ASK vo#####allengeva.com
- DNS ASK wi######multisolution.com
- DNS ASK fa#####llyforward.today
- DNS ASK ma###pil.com
- '%WINDIR%\syswow64\svchost.exe'
- '%WINDIR%\syswow64\control.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%WINDIR%\SysWow64\svchost.exe"