Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\5691eb53dbf60e6cb2b1c6909232a062.exe
- '%HOMEPATH%\windows.defender.exe'
- '%HOMEPATH%\windows defender.exe'
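- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%HOMEPATH%\windows defender.exe" "windows defender.exe" ENABLE (adds a Windows Firewall allowed-program entry for this executable, whose file name imitates Windows Defender)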
- %HOMEPATH%\windows.defender.exe
- %HOMEPATH%\windows defender.exe
- <LS_APPDATA>\microsoft\windows\history\history.ie5\mshist012019102820191029\index.dat
- DNS ASK do#####d-video.online
- DNS ASK ma####9.myq-see.com
- DNS ASK bl##ger.com
- DNS ASK apis.google.com
- DNS ASK re#####es.blogblog.com
- DNS ASK pa#####.#ooglesyndication.com
- DNS ASK yo##ube.com
- DNS ASK lh#.####leusercontent.com
- DNS ASK accounts.google.com
- DNS ASK s.##img.com
- DNS ASK fo###.gstatic.com
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%HOMEPATH%\windows defender.exe" "windows defender.exe" ENABLE (with hidden window)