Technical Information
- https://pu-bg.000webhostapp.com/sinki.crack as %temp%\sinki.exe
- %TEMP%\3dc6.tmp\gusano.bat
- %TEMP%\sinki.exe
- %TEMP%\3dc6.tmp\gusano.bat
- DNS ASK pu###.#00webhostapp.com
- '%TEMP%\sinki.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\3DC6.tmp\gusano.bat" "<Full path to file>""' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\3DC6.tmp\gusano.bat" "<Full path to file>""