Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\Mirosoft.js
- %HOMEPATH%\Start Menu\Programs\Startup\Client.exe
- <Drive name for removable media>:\RevengeRAT\systeme.exe
- %HOMEPATH%\Templates\Windows.Exe
- %TEMP%\dw.log
- %TEMP%\1FB62.dmp
- %TEMP%\29BE8.dmp
- <Drive name for removable media>:\RevengeRAT\systeme.exe
- %HOMEPATH%\Start Menu\Programs\Startup\Mirosoft.js
- %HOMEPATH%\Templates\Windows.Exe
- 'localhost':333
- 'sa####oot.ddns.net':2252
- DNS ASK sa####oot.ddns.net
- '%HOMEPATH%\Templates\Windows.Exe'
- '%HOMEPATH%\Start Menu\Programs\Startup\Client.exe'
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 296