Technical Information
- <Current directory>\revokemsgpatcher.exe
- C:\users\public\qwq.exe
- from <Full path to file> to C:\users\public\asfqgqqvebggabvqegvaqg
- 'go#####analytics.com':443
- 'hu########.oss-cn-hangzhou.aliyuncs.com':443
- 'go#####analytics.com':443
- 'hu########.oss-cn-hangzhou.aliyuncs.com':443
- DNS ASK hu########.oss-cn-hangzhou.aliyuncs.com
- DNS ASK go#####analytics.com
- 'C:\users\public\qwq.exe'
- '<Current directory>\revokemsgpatcher.exe'
- '%WINDIR%\syswow64\cmd.exe' " /c " <Current directory>\RevokeMsgPatcher.exe' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' " /c " <Current directory>\RevokeMsgPatcher.exe