Technical Information
- test.exe
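- Window class names of debugging and monitoring tools (OllyDbg and what appear to be modified OllyDbg builds, plus Sysinternals Filemon, Process Monitor and Regmon); a sample that looks these up is typically checking whether it is running under analysis:
- ClassName: 'OLLYDBG', WindowName: ''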
- ClassName: 'GBDYLLO', WindowName: ''
- ClassName: 'pediy06', WindowName: ''
- ClassName: 'FilemonClass', WindowName: ''
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- ClassName: 'RegmonClass', WindowName: ''
- %TEMP%\RunMe.vbs
- %TEMP%\test.rar
- %TEMP%\rar.exe
- %TEMP%\test.exe
- C:\patch\ntd2.dll
- C:\patch\krn.dll
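- Network indicators (the host name is partly masked with '#' in these two entries; it appears to match the pool address given in full on the last command line of this list):
- 'xm##ool.eu':3333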
- DNS ASK xm##ool.eu
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'File Monitor - Sysinternals: www.sysinternals.com' WindowName: ''
- ClassName: 'Process Monitor - Sysinternals: www.sysinternals.com' WindowName: ''
- ClassName: 'Registry Monitor - Sysinternals: www.sysinternals.com' WindowName: ''
- ClassName: '18467-41' WindowName: ''
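- Command lines: wscript.exe runs RunMe.vbs, rar.exe extracts test.rar with the password 1234, and test.exe is started twice, the second time with mining arguments:
- '<SYSTEM32>\wscript.exe' "%TEMP%\RunMe.vbs"
- '%TEMP%\rar.exe' x -p"1234" -y "test.rar"
- '%TEMP%\test.exe'
- '%TEMP%\test.exe' -B --donate-level 1 -o xmrpool.eu:3333 -u 43g4nBAybniX3u6v28wTaHXJxaTgAGWisiW9jMzkFbSQcoNxda7VgGcDho98aZxoDCd3rw1bsopCNLcXpdR176saChRSv7m+W_%USERNAME% -p x --variant 1 -k
- The arguments on the last line (-o pool address, -u wallet string ending in a suffix built from %USERNAME%, --donate-level, --variant, -k) follow the XMRig option set, so test.exe appears to be a Monero CPU miner. For detection, the most direct points are this process command line, the wscript.exe and rar.exe launches from %TEMP%, and the DNS query and outbound connection to port 3333.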