Technical Information
- %WINDIR%\tasks\ixfl.job
- <SYSTEM32>\tasks\ixfl
- %PROGRAMDATA%\thtiu\ixfl.exe
- http://19#.#09.206.212/tor/status-vote/current/consensus
- http://20#.#1.124.187/tor/server/fp/96d3d8d8c63ad58d8caea1b8dfd539a3a80f040d
- http://20#.#1.124.187/tor/server/fp/17b1e5314ee6d6c418134c80a9bbbc025096ad76
- http://20#.#1.124.187/tor/server/fp/8d093c9c2b42bc224a5319a660a6cf5edefe839f
- http://20#.#1.124.187/tor/server/fp/c1b79c4cd9b713bbb6b0522155b46a7bfe3bfaae
- DNS ASK gm###r23.xyz
- DNS ASK sc####tat14tp.xyz
- DNS ASK ap#.#pify.org
- '%PROGRAMDATA%\thtiu\ixfl.exe' start
- '%PROGRAMDATA%\thtiu\ixfl.exe' start' (with hidden window)