Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Google Updater' = '%APPDATA%\%USERNAME%\runnxdll.exe'
- '' (downloaded from the Internet)
- chrome.exe
- %APPDATA%\%USERNAME%\runnxdll.exe
- %APPDATA%\%USERNAME%\files.7z
- %APPDATA%\%USERNAME%\7za.exe
- 'vd###.postdns.space':80
- 'ch###turk.xyz':80
- http://vd###.postdns.space/api/blabla/folders.7z
- http://vd###.postdns.space/api/blabla/7za.exe
- http://ch###turk.xyz/api/blabla/login.php
- DNS ASK vd###.postdns.space
- DNS ASK ch###turk.xyz
- DNS ASK www.google.com
- '%APPDATA%\%USERNAME%\7za.exe' e files.7z -aoa -pkHPPNBrsIjUoRZ3lLu4zOtU2cjMYkl