ValleyRAT payload download server; hosts xz.bin which is the RC4-encrypted ValleyRAT shellcode downloaded by the malicious DLL