Technical Information
- %WINDIR%\tasks\lnal.job
- <SYSTEM32>\tasks\lnal
- %ALLUSERSPROFILE%\ivjwkxm\lnal.exe
- 'ok###sddvr.com':4035
- 'ok###sddvr.xyz':4035
- DNS ASK ok###sddvr.com
- DNS ASK ok###sddvr.xyz
- '%ALLUSERSPROFILE%\ivjwkxm\lnal.exe' start
- '%ALLUSERSPROFILE%\ivjwkxm\lnal.exe' start' (with hidden window)