Technical Information
- %HOMEPATH%\documents\pxlogs-3-29-2020-6-45-53-pm.txt
- %HOMEPATH%\desktop\<File name>.exe
- %HOMEPATH%\documents\pxclipboard-3-29-2020-6-46-41-pm.txt
- %HOMEPATH%\documents\micrusoft\picture.jpeg
- %HOMEPATH%\documents\pxlogs-3-29-2020-6-46-53-pm.txt
- %HOMEPATH%\documents\pxlogs-3-29-2020-6-45-53-pm.txt
- %HOMEPATH%\documents\micrusoft\picture.jpeg
- %HOMEPATH%\documents\pxlogs-3-29-2020-6-46-53-pm.txt
- http://if##nfig.me/ip
- DNS ASK if##nfig.me
- DNS ASK fi###.#00webhost.com
- ClassName: '' WindowName: 'Start-up'
- '%WINDIR%\syswow64\explorer.exe' %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup' (with hidden window)
- '%WINDIR%\syswow64\explorer.exe' %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup