Technical Information
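Temporary files (the same six paths appear twice below; the headings that would state the operation for each list, e.g. created vs. deleted, are not preserved in this excerpt):
- %WINDIR%\temp\cabc82e.tmp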
- %WINDIR%\temp\tarc82f.tmp
- %WINDIR%\temp\cabc958.tmp
- %WINDIR%\temp\tarc959.tmp
- %WINDIR%\temp\cabcb0f.tmp
- %WINDIR%\temp\tarcb10.tmp
- %WINDIR%\temp\cabc82e.tmp
- %WINDIR%\temp\tarc82f.tmp
- %WINDIR%\temp\cabc958.tmp
- %WINDIR%\temp\tarc959.tmp
- %WINDIR%\temp\cabcb0f.tmp
- %WINDIR%\temp\tarcb10.tmp
- <DRIVERS>\etc\hosts
- File moved or copied (the operation heading is not preserved in this excerpt): from <Full path to file> to <Current directory>\uspbag0t4ipx.exe
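Network endpoints (host:port), followed by one HTTP URL and the DNS queries; entries containing '#' appear to be partially masked in the report and cannot be used as exact-match indicators as written:
- 'localhost':49180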
- 'localhost':49182
- 'ap#.#pify.org':443
- 'pk#.goog':80
- 'localhost':49190
- '91.##8.112.238':80
- http://pk#.goog/gsr1/gsr1.crt
- 'localhost':49180
- 'localhost':49182
- 'localhost':49183
- 'ap#.#pify.org':443
- 'localhost':49190
- DNS ASK ap#.#pify.org
- DNS ASK pk#.goog
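Window class names and window titles recorded in the report; several name sandboxing, debugging and reverse-engineering tools (Sandboxie, IDA, x64dbg, Scylla), which suggests an analysis-environment check. Strings are reproduced as recorded, including spelling:
- ClassName: 'SandboxieControlWndClass' WindowName: ''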
- ClassName: 'Window' WindowName: ''
- ClassName: 'Qt5QWindowIcon' WindowName: ''
- ClassName: 'ProccessHacker' WindowName: ''
- ClassName: 'MainWindowClassName' WindowName: ''
- ClassName: '' WindowName: 'IDA v7.0.170914'
- ClassName: '' WindowName: 'x64dbg'
- ClassName: '' WindowName: 'Scylla x64 v0.9.8'
- ClassName: '' WindowName: 'IAT Autosearch'