Technical Information
- %HOMEPATH%\documents\ei8dramayu9k8ghn89csj.poloniex
- %HOMEPATH%\pictures\adobe films\86lgfwdbactuuhso8jwlmjag.exe
- %TEMP%\pidhtsigei8dramayu9k8ghn89.dll
- %HOMEPATH%\documents\ei8dramayu9k8ghn89csj.poloniex
- '21#.#93.30.45':80
- '45.##4.225.57':80
- 'pa###bin.com':443
- '21#.#93.30.21':80
- '21#.#93.30.29':80
- 'ip##fo.io':443
- http://21#.#93.30.45/proxies.txt
- http://45.##4.225.57/server.txt
- http://21#.#93.30.29/download/E_PL_Client.bmp
- http://21#.#93.30.29/download/NiceProcessX64.bmp
- http://21#.#93.30.21/base/api/statistics.php
- 'pa###bin.com':443
- 'ip##fo.io':443
- DNS ASK pa###bin.com
- DNS ASK ip##fo.io
- '%HOMEPATH%\pictures\adobe films\86lgfwdbactuuhso8jwlmjag.exe'
- '%HOMEPATH%\pictures\adobe films\86lgfwdbactuuhso8jwlmjag.exe' ' (with hidden window)