Technical Information
- %WINDIR%\tasks\awabdeg.job
- <SYSTEM32>\tasks\awabdeg
- %ALLUSERSPROFILE%\rwekq\awabdeg.exe
- 'ad###ace147.xyz':4044
- DNS ASK ad###t127ds.xyz
- DNS ASK ad###ace147.xyz
- '%ALLUSERSPROFILE%\rwekq\awabdeg.exe' start
- '%ALLUSERSPROFILE%\rwekq\awabdeg.exe' start' (with hidden window)