Technical Information
- %WINDIR%\microsoft.net\framework\v4.0.30319\addinprocess32.exe
- 'ge###sthi.xyz':80
- http://ge###sthi.xyz/IRemotePanel
- DNS ASK 5k####.usikeusu.ru
- DNS ASK ge###sthi.xyz
- '%WINDIR%\microsoft.net\framework\v4.0.30319\addinprocess32.exe'