Technical Information
- %WINDIR%\microsoft.net\framework\v4.0.30319\applaunch.exe
- ClassName: 'OLLYDBG', WindowName: ''
- %TEMP%\injector.exe
- %TEMP%\control words.txt
- 'mu####farelongea.pw':80
- http://mu####farelongea.pw/api
- DNS ASK ba###matela.fun
- DNS ASK ti####inecarpett.pw
- DNS ASK mu####farelongea.pw
- '%TEMP%\injector.exe'
- '%WINDIR%\syswow64\notepad.exe' %TEMP%\Control words.txt
- '%WINDIR%\microsoft.net\framework\v4.0.30319\applaunch.exe'