Technical Information
- <SYSTEM32>\tasks\updates\fniyblgrkt
- %APPDATA%\fniyblgrkt.exe
- %TEMP%\tmp6038.tmp
- %TEMP%\tmp6038.tmp
- '0p####.duckdns.org':3040
- 'mx####.duckdns.org':2020
- 'mx####.duckdns.org':3040
- DNS ASK 0p####.duckdns.org
- DNS ASK mx####.duckdns.org
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Updates\fnIyBLgRkT" /XML "%TEMP%\tmp6038.tmp"' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Updates\fnIyBLgRkT" /XML "%TEMP%\tmp6038.tmp"