When the .Web application operates, the malicious DLL is loaded, and its code is executed in the context from the respectable application. rather than the usual homepage with back links to the most recent streams of https://www.flor.app/