Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\system32.lnk
- %APPDATA%\windowsenvtest\windowsenvtest.exe
- 'cd#.##scordapp.com':443
- 'id##t.me':80
- 'ch#####.amazonaws.com':80
- 'ap#.#pify.org':443
- 'bo#.####ismyipaddress.com':80
- 'if##nfig.me':80
- 'wh#####yip.akamai.com':80
- 'ic###azip.com':80
- 'wg##ip.com':80
- 'ip.##pspot.com':80
- 'ip.#yk.nu':80
- 'microsoft.com':80
- http://my####rnalip.com/raw
- http://ip##fo.io/ip
- http://ip##ho.net/plain
- http://id##t.me/
- http://ch#####.amazonaws.com/
- http://if##nfig.me/ip
- http://wg##ip.com/
- http://wh#####yip.akamai.com/
- http://ip.#yk.nu/
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK cd#.##scordapp.com
- DNS ASK sh##ff.it
- DNS ASK id##t.me
- DNS ASK ch#####.amazonaws.com
- DNS ASK ap#.#pify.org
- DNS ASK bo#.####ismyipaddress.com
- DNS ASK my####rnalip.com
- DNS ASK ip##fo.io
- DNS ASK wh#####yip.akamai.com
- DNS ASK ip##ho.net
- DNS ASK wg##ip.com
- DNS ASK ic###azip.com
- DNS ASK ip.##pspot.com
- DNS ASK if##nfig.me
- DNS ASK ip.#yk.nu
- DNS ASK microsoft.com