Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Service Manager' = '%ALLUSERSPROFILE%\Windows\Windows Service Manager.exe'
- %ALLUSERSPROFILE%\windows\windows service manager.exe
- %TEMP%\control.exe
- 'ip###ger.com':443
- 'ip###ger.org':443
- 'microsoft.com':80
- http://www.fa####bmennik.net/7240089
- http://fa####bmennik.cloud/7240089
- 'ip###ger.com':443
- DNS ASK ip###ger.com
- DNS ASK ip###ger.org
- DNS ASK microsoft.com
- DNS ASK fa####bmennik.net
- DNS ASK fa####bmennik.cloud