Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'winlogon' = '%WINDIR%\win_sp.exe'
- %TEMP%\Server.exe
- %TEMP%\Server.exe
- %WINDIR%\win_sp.exe
- %TEMP%\sfx.ini
- %TEMP%\01 Intro El Cangri.mp3
- %TEMP%\sfx.ini
- 'es####u.no-ip.org':8080
- 'es####u.no-ip.org':5001
- DNS ASK es####u.no-ip.org