Technical Information
- %TEMP%\update.txt
- %TEMP%\upload.txt
- %TEMP%\update.txt
- 'dl.##opbox.com':80
- 'da###2.uk.cr':80
- dl.##opbox.com/u/4916519/Logger/update_logger.txt
- da###2.uk.cr/log.php?us##############################################
- DNS ASK dl.##opbox.com
- DNS ASK da###2.uk.cr
- ClassName: '#32771' WindowName: ''
- ClassName: 'AutoHotkey' WindowName: '<Full path to virus>'