Technical Information
- [<HKCU>\Software\Classes\discord-1014497119274532984\shell\open\command] '' = '<Full path to file>'
- [<HKLM>\System\CurrentControlSet\Services\MAX] 'ImagePath' = '<Current directory>\MAX.sys'
- 'MAX' <Current directory>\MAX.sys
- <Current directory>\max.sys
- %WINDIR%\temp\udd222.tmp
- %WINDIR%\temp\udd222.tmp
- 'cd#.##scordapp.com':443
- 'ra#.####ubusercontent.com':443
- 'eo##x.lol':443
- 'cd#.##scordapp.com':443
- 'ra#.####ubusercontent.com':443
- 'eo##x.lol':443
- DNS ASK cd#.##scordapp.com
- DNS ASK ra#.####ubusercontent.com
- DNS ASK eo##x.lol
- '<SYSTEM32>\cmd.exe' /c Color F
- '<SYSTEM32>\cmd.exe' /c MODE Con Cols=56 lines=16
- '<SYSTEM32>\mode.com' Con Cols=56 lines=16