Technical Information
- '' (downloaded from the Internet)
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
- %TEMP%\temp\id4.exe
- <Current directory>\gucci.exe
- <Current directory>\text.txt
- <Current directory>\config.ini
- http://ip###ger.org/1Wnwe7
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://ip##pi.com/xml
- http://os##oft.com/20190118/things.xml
- http://de###ll.shop/down/id4.exe
- http://go#####analytics.com/collect
- DNS ASK ip###ger.org
- DNS ASK ip##pi.com
- DNS ASK go#####analytics.com
- DNS ASK os##oft.com
- DNS ASK jf####.bhtaifvu.com
- DNS ASK de###ll.shop
- '%TEMP%\temp\id4.exe'
- '<Current directory>\gucci.exe'