Technical Information
- 1567603137.exe
- %TEMP%\xonfh
- %TEMP%\1567603137.exe
- 'ma##r.info':443
- 'os.##nukute.ru':443
- '21#.#3.150.52':80
- DNS ASK ma##r.info
- DNS ASK os.##nukute.ru
- '%TEMP%\1567603137.exe'
- '%WINDIR%\syswow64\rundll32.exe' <SYSTEM32>\shell32.dll,OpenAs_RunDLL %TEMP%\XONFh