Tag: Ransom_HPCERBER.SMONT4

Ransom_HPCERBER.SMONT4 (Hosted in France, ASN: 16276 (OVH SAS))


Contacts servers via UDP: “178.33.158.0:6893” “178.33.158.1:6893” “178.33.158.2:6893” “178.33.158.3:6893” “178.33.158.4:6893” “178.33.158.5:6893” “178.33.158.6:6893” “178.33.158.7:6893” “178.33.158.8:6893” “178.33.158.9:6893” “178.33.158.10:6893” “178.33.158.11:6893” “178.33.158.12:6893” “178.33.158.13:6893” “178.33.158.14:6893” “178.33.158.15:6893” “178.33.158.16:6893” “178.33.158.17:6893” “178.33.158.18:6893” “178.33.158.19:6893”

Executes command: “taskkill /f /im “c1.exe” > NUL & ping -n 1 127.0.0.1 > NUL & del “C:c1.exe” > NUL && exit”

Sample here: hxxp://119.205.220.184/c.exe