Technical Information
- ClassName: 'Filemonclass', WindowName: ''
- %LOCALAPPDATA%\<File name>.exe
- from <Full path to file> to %WINDIR%\syswow64\810752.bak
- '75#.xyz':469
- '75#.xyz':469
- DNS ASK 75#.xyz
- ClassName: '18467-41' WindowName: ''
- '%LOCALAPPDATA%\<File name>.exe'
- '%LOCALAPPDATA%\<File name>.exe' ' (with hidden window)