Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\cghzsnym.lnk
- %WINDIR%\syswow64\svchost.exe
- %APPDATA%\sqlite3\sqlite3.dll
- 'cd#.##scordapp.com':443
- '10#.#06.241.81':80
- 'po####kvps.ddns.net':3677
- http://10#.#06.241.81/htdocs/mTGTn.exe
- 'cd#.##scordapp.com':443
- 'po####kvps.ddns.net':3677
- DNS ASK cd#.##scordapp.com
- DNS ASK po####kvps.ddns.net
- '%WINDIR%\syswow64\svchost.exe'