Technical Information
- <SYSTEM32>\tasks\lfxs
- %TEMP%\1082038\45972072.exe
- %TEMP%\1082038\squalrnet.dll
- %TEMP%\1082038\resources\montserrat-regular.ttf
- %TEMP%\1082038\resources\montserrat-bold.ttf
- %TEMP%\1082038\readwrite.dll
- %TEMP%\1082038\newtonsoft.json.dll
- %TEMP%\1082038\memoryx.dll
- %TEMP%\1082038\memorysharp.dll
- %TEMP%\1082038\materialdesignthemes.wpf.dll
- %TEMP%\1082038\materialdesigncolors.dll
- %TEMP%\1082038\hackermode_among us obf.exe
- %TEMP%\1082038\fasm.net.dll
- %TEMP%\1082038\dragablz.dll
- %TEMP%\1082038\adafcaefc\toastedmarshmellow.dll
- %TEMP%\1082038\adafcaefc\roastedmelon.dll
- %TEMP%\1082038\adafcaefc\fermentedmango.dll
- %APPDATA%\snn\xlwvrqok\kyszku.exe
- <Current directory>\data.dat
- 'pa###bin.com':443
- DNS ASK pa###bin.com
- '%TEMP%\1082038\45972072.exe'
- '%TEMP%\1082038\hackermode_among us obf.exe'
- '%TEMP%\1082038\45972072.exe' ' (with hidden window)
- '%TEMP%\1082038\hackermode_among us obf.exe' ' (with hidden window)