Resolved bootcamp4wealth.com to 18.104.22.168
Gate file: bootcamp4wealth.com/wp-directory/images/config/adm/gate.php
Config file: bootcamp4wealth.com/wp-directory/images/config/config/index.php
Login page: bootcamp4wealth.com/wp-directory/images/config/adm/index.php?m=login
Anyone infected with this is safe for now as the owner hasn’t figured out that the bot and config dropper need the same key for it to work.
Hosting infos: http://whois.domaintools.com/22.214.171.124