Technical Information
- <SYSTEM32>\comctl32.ocx
- <SYSTEM32>\comdlg32.ocx
- <SYSTEM32>\msinet.ocx
- <DRIVERS>\etc\hosts.ics
- <DRIVERS>\etc\hosts
- DNS ASK tr###cet.com
- DNS ASK ci######ongans.blogspot.com
- '<SYSTEM32>\cmd.exe' /c icacls <DRIVERS>\etc\hosts /reset (with hidden window)
- '<SYSTEM32>\cmd.exe' /c icacls <DRIVERS>\etc\hosts.ics /reset (with hidden window)
- '<SYSTEM32>\cmd.exe' /c icacls <DRIVERS>\etc\hosts /reset
- '<SYSTEM32>\cmd.exe' /c icacls <DRIVERS>\etc\hosts.ics /reset
- '%ProgramFiles%\mozilla firefox\firefox.exe' -osint -url "http://ci######ongans.blogspot.com/"
- '%ProgramFiles%\mozilla firefox\firefox.exe' -osint -url "http://www.ci######ongans.blogspot.com/p/cit-is-expired.html"