Technical Information
- %WINDIR%\syswow64\proquota.exe
- ClassName: 'OLLYDBG', WindowName: ''
- %APPDATA%\microsoft\windows\wh5s1gbv.cfg
- %APPDATA%\microsoft\windows\wh5s1gbv.dat
- %APPDATA%\microsoft\windows\wh5s1gbv.cfg
- %APPDATA%\microsoft\windows\wh5s1gbv.dat
- http://www.go###e.com:443/1411.functions via google.com
- http://www.gm###.com:443/1411.functions via gm##l.com
- DNS ASK google.com
- DNS ASK gm##l.com
- DNS ASK ua#.####ecounterstrike.com
- ClassName: 'WispWindowClass' WindowName: ''
- '%WINDIR%\syswow64\proquota.exe'