Technical Information
- %WINDIR%\syswow64\sethc.exe
- C:\gffgggg0gfg.ini
- C:\gffgggg0gfg.ini
- <Full path to file>
- 'fi##.#f00001.com':1714
- 'fi##.#f00001.com':1219
- http://FI##.##00001.COM:1714/CFBED/CFBED.txt?46####
- http://FI##.##00001.COM:1714/CFBED/CFBED.txt?47####
- http://FI##.##00001.COM:1714/CFBED/CFBEDpuppet.Txt?47####
- DNS ASK fi##.#f00001.com
- '%WINDIR%\syswow64\sethc.exe'