Technical Information
- '%WINDIR%\syswow64\taskkill.exe' /im "<File name>.exe" /f
- 'ip###ger.org':80
- 'ip###ger.org':443
- 'ap#.ip.sb':80
- 'ap#.ip.sb':443
- 'fr###eoip.app':80
- 'ip##se.com':80
- 'ip##se.com':443
- 'script.google.com':80
- 'script.google.com':443
- 'yo#####4kdowloader.club':80
- http://ip###ger.org/1YKyj7
- http://ip###ger.org/1YZyj7
- http://ip###ger.org/1YLyj7
- http://ap#.ip.sb/geoip
- http://fr###eoip.app/json
- http://ip##se.com/json
- http://script.google.com/macros/s/AKfycbyeDUociDSMjODhy_ZapM5zzyoJ3zrch9n5IUJeKIM3UQOEtZs/exec?ip###########################################################
- http://yo#####4kdowloader.club/bin/ProgressLoader.exe
- 'ip###ger.org':443
- 'ap#.ip.sb':443
- 'ip##se.com':443
- 'script.google.com':443
- DNS ASK hy###reator.top
- DNS ASK ip###ger.org
- DNS ASK ap#.ip.sb
- DNS ASK fr###eoip.app
- DNS ASK ip##se.com
- DNS ASK script.google.com
- DNS ASK yo#####4kdowloader.club
- '%WINDIR%\syswow64\cmd.exe' /c taskkill /im "<File name>.exe" /f & erase "<Full path to file>" & exit' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c taskkill /im "<File name>.exe" /f & erase "<Full path to file>" & exit