Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\<File name>.exe
- http://pr########rnity.000webhostapp.com/validate.php?us##############
- DNS ASK pr########rnity.000webhostapp.com
- '<SYSTEM32>\cmd.exe' /c getmac /v /fo list
- '<SYSTEM32>\getmac.exe' /v /fo list
- '<SYSTEM32>\cmd.exe' /c vol