Technical Information
- %WINDIR%\syswow64\ctfmon.exe
- 'ns#.#nspod.net':6666
- '10#.#7.17.149':8877
- http://ns#.#nspod.net/
- http://10#.##.17.149:8877/api/Advertise/GetAdvert via 10#.#7.17.149
- DNS ASK ns#.#nspod.net
- '%WINDIR%\syswow64\ctfmon.exe' 2824 532A4C6A6864797577757C4C7B6A72683E7568758404204E3