Technical Information
- %WINDIR%\tasks\ilufovi.job
- <SYSTEM32>\tasks\ilufovi
- %PROGRAMDATA%\mcvlfuk\ilufovi.exe
- http://86.#9.21.38/tor/status-vote/current/consensus
- http://13#.#88.40.189/tor/status-vote/current/consensus
- http://12#.31.0.34/tor/status-vote/current/consensus
- http://17#.#5.193.9/tor/status-vote/current/consensus
- DNS ASK mx###gs19.xyz
- DNS ASK sd###ert20.xyz
- DNS ASK ap#.#pify.org
- '%PROGRAMDATA%\mcvlfuk\ilufovi.exe' start
- '%PROGRAMDATA%\mcvlfuk\ilufovi.exe' start' (with hidden window)