Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FireFox' = '"%APPDATA%\FireFox.exe" -b'
- %APPDATA%\pzip.dll
- %APPDATA%\firefox.exe
- %APPDATA%\app.zip
- %APPDATA%\app\background.js
- %APPDATA%\app\manifest.json
- %APPDATA%\app.zip
- http://is##g.me/service.php
- http://is##g.me/app.zip
- DNS ASK google.com
- DNS ASK is##g.me
- ClassName: 'AutoHotkey' WindowName: '<Full path to file>'
- ClassName: 'AutoHotkey' WindowName: '%APPDATA%\FireFox.exe'
- '%APPDATA%\firefox.exe' -b