Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\toolswindoo\toolswindoo.exe
- %APPDATA%\logs\10-12-2020
- 'gr######.fastestmaking.com':3222
- http://ip##pi.com/json/
- DNS ASK ip##pi.com
- DNS ASK gr######.fastestmaking.com
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath '"<Full path to file>"'