Technical Information
- <DRIVERS>\etc\hosts
- 'a.##dlq.net':80
- 'a.##dlq.com':80
- 'b.##dlq.net':80
- '<DNS_SERVER>':80
- http://a.##dlq.net/RemoteList.txt
- http://a.##dlq.com/RemoteList.txt
- http://b.##dlq.net/RemoteList.txt
- DNS ASK a.##dlq.net
- DNS ASK a.##dlq.com
- DNS ASK b.##dlq.net
- ClassName: '' WindowName: 'GINA Logon'
- '<SYSTEM32>\cmd.exe' /c rd "<DRIVERS>\etcYkB1I" /S /Q