Technical Information
- %TEMP%\ixp000.tmp\setup_ovl.exe
- %TEMP%\ixp000.tmp\setup_ovl.exe
- 'ti##.one':443
- 'ag##s.org':80
- http://www.ag##s.org/wp-content/uploads/2018/11/cp/PopManPortable_Stuedxhv.png
- 'ti##.one':443
- DNS ASK ti##.one
- DNS ASK ag##s.org
- '%TEMP%\ixp000.tmp\setup_ovl.exe'
- '%TEMP%\ixp000.tmp\setup_ovl.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c timeout 20' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c timeout 20
- '%WINDIR%\syswow64\timeout.exe' 20