Technical Information
- %LOCALAPPDATA%\untitled\screen.png
- %LOCALAPPDATA%\untitled\userinfo.txt
- %LOCALAPPDATA%\untitled\telegram\90ef50e22e92cb8c0
- %LOCALAPPDATA%\untitled\telegram\d877f783d5d3ef8c1
- %LOCALAPPDATA%\untitled\telegram\prefix
- %LOCALAPPDATA%\untitled\telegram\settings0
- %LOCALAPPDATA%\untitled\telegram\shortcuts-custom.json
- %LOCALAPPDATA%\untitled\telegram\shortcuts-default.json
- %LOCALAPPDATA%\untitled\telegram\usertag
- %LOCALAPPDATA%\untitled\telegram\d877f783d5d3ef8c\map0
- %LOCALAPPDATA%\untitled\desktop\cveuropeo.doc
- 'ba##oni.ru':80
- 'al###.malware.ltd':443
- 'ip##o.is':443
- 'microsoft.com':80
- http://ba##oni.ru/163onmyneck.txt
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- 'ip##o.is':443
- DNS ASK ba##oni.ru
- DNS ASK al###.malware.ltd
- DNS ASK ip##o.is
- DNS ASK microsoft.com