Technical Information
- %WINDIR%\syswow64\gpresult.exe
- C:\g1gegegeg.ini
- C:\g1gegegeg.ini
- <Full path to file>
- 'fi##.#f00001.com':1714
- 'fi##.#f00001.com':1219
- http://FI##.##00001.COM:1714/CFBED/CFBED.txt?46####
- http://FI##.##00001.COM:1714/CFBED/CFBEDpuppet.Txt?47####
- DNS ASK fi##.#f00001.com
- '%WINDIR%\syswow64\gpresult.exe'