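Technical Information
Note: the section headings of this listing are not present here, so the role of each entry (window lookup, file created, file executed, network request) has to be read from its form. The `#` characters in host names and URLs appear to be masking applied by the publisher rather than literal characters, so those entries cannot be matched verbatim against DNS or proxy logs.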
- ClassName: 'OLLYDBG', WindowName: '' (window-class lookup for the OllyDbg debugger; presumably an anti-debugging check)
- %APPDATA%\indefendes\test.exe
- %APPDATA%\indefendes\testoviyjuk.exe
- %APPDATA%\indefendesst\perloadstat.exe
- %PROGRAMDATA%\frd\1_protected.exe
- %PROGRAMDATA%\frd\2_protected.exe
- %TEMP%\ergfsda.txt
- %PROGRAMDATA%\yna5fukajat\mac.db-shm
- %PROGRAMDATA%\gjphwcpqy\mac.db-shm
- %PROGRAMDATA%\yna5fukajat\mac.db-shm
- %PROGRAMDATA%\gjphwcpqy\mac.db-shm
- '2n#.co':443
- http://fi###ss07.top/download.php?fi###########
- http://fi###ss07.top/downfiles/file.exe
- http://lu###razzi.top/brazi/testoviyjuk.exe
- http://lu###razzi.top/brazi/soft/perloadstat.exe
- http://ip##pi.com/line/
- DNS query: ip###ger.org
- DNS query: fi###ss07.top
- DNS query: lu###razzi.top
- DNS query: ip##pi.com
- DNS query: 2n#.co
- ClassName: 'AutoHotkey' WindowName: '<Full path to file>'
- ClassName: 'AutoHotkey' WindowName: '%APPDATA%\indefendes\test.exe'
- '%APPDATA%\indefendes\test.exe'
- '%APPDATA%\indefendes\testoviyjuk.exe'
- '%PROGRAMDATA%\frd\1_protected.exe'
- '%PROGRAMDATA%\frd\2_protected.exe'