196[.]7[.]210[.]6 
196[.]7[.]209[.]178
196[.]7[.]210[.]160
88[.]198[.]246[.]242
187[.]79.243.171
103[.]41[.]204[.]104 
155[.]207[.]200[.]242 
134[.]88[.]5[.]200:22 
103[.]41[.]204[.]104
142[.]4[.]205[.]155:80 
89[.]163[.]213[.]192:3333 
145[.]239[.]200[.]92:3333 
103[.]41[.]204[.]104
45[.]194[.]35[.]180
88[.]198[.]246[.]242:80
145[.]239[.]200[.]92:3333 
http://103[.]40[.]123[.]34/k.php?B=_AMD64,PSDN0020,504K45A188441R4UE
http://103[.]41[.]204[.]104/7z32.dll
http://103[.]41[.]204[.]104/srch.7z
https://gb7ni5rgeexdcncj[.]onion/cgi-bin/prometei.cgi?r=9&i=N8Q4Y90O9T4MXH
http[://]mkhkjxgchtfgu7uhofxzgoawntfzrkdccymveektqgpxrpjb72oq[.]zero/cgi-bin/prometei.cgi
p2[.]feefreepool[.]net           


C:\Windows\dell\rdpcIip.exe	39b1042a5b02f3925141733c0f78b64f9fae71a37041c6acc9a9a4e70723a0f1
C:\Windows\dell\msdtc.exe	ea8cde21792543d7e55dd9a2a894c3cd4fc4fabaeab20ba689b84416c20a6e37
C:\Windows\sqhost.exe		a1b3e8de2855b274edd9e6f7d7798e3cefe1aae8697568d333e00979054ecf58
C:\Windows\dell\smcard.exe	01bee3bb01f34f8da926c6b83980958166f1b10d00a923deb87361e9f34bcd83
C:\Windows\dell\windrlver.exe	82c19c95f70c2a67be8a4914ed6c6b79b84aef3c1d65fefe85f90d89538bbe23
C:\Windows\dell\miWalk.exe	25dc9c2a2d31c42c63de0ed247784e33ea31f140d8035ac2141cb46f25eaefd4
C:\Windows\dell\windrlver.exe	a546c3defb20bb18205b19c5218795fa9c6388d2e2ec3e65707b4e7afaeac0e1
C:\Windows\dell\nethelper4.exe	44458197aafcb273b91f90a8cc55078b318e4f8a0384303acd1a5b3c13ff1ee0