Technical Information
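Scheduled task files (the names match the /tn values of the schtasks commands at the end of this list):
- <SYSTEM32>\tasks\wudfhost
- <SYSTEM32>\tasks\idle
- <SYSTEM32>\tasks\lsm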
- lsm.exe
- %ProgramFiles%\tmproxy\wudfhost.exe
- %ProgramFiles%\tmproxy\480b7989c529f6ff17bde430d81d4770fb5337f5
- %ALLUSERSPROFILE%\favorites\idle.exe
- %ALLUSERSPROFILE%\favorites\6ccacd8608530fba3a93e87ae2225c7032aa18c1
- C:\far2\addons\macros\lsm.exe
- C:\far2\addons\macros\101b941d020240259ca4912829b53995ad543df6
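Network indicators (the # characters are not valid in host names; part of each domain is masked in this listing, so these strings cannot be matched literally in DNS or proxy logs):
- 'me####tobesit.ru':443
- 'ip##fo.io':443
- DNS ASK me####tobesit.ru
- DNS ASK ip##fo.io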
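Command lines observed:
- 'C:\far2\addons\macros\lsm.exe'
- '%WINDIR%\syswow64\schtasks.exe' /create /tn "WUDFHost" /sc ONLOGON /tr "'%ProgramFiles%\tmproxy\WUDFHost.exe'" /rl HIGHEST /f
- '%WINDIR%\syswow64\schtasks.exe' /create /tn "Idle" /sc ONLOGON /tr "'%ALLUSERSPROFILE%\Favorites\Idle.exe'" /rl HIGHEST /f
- '%WINDIR%\syswow64\schtasks.exe' /create /tn "lsm" /sc ONLOGON /tr "'C:\Far2\Addons\Macros\lsm.exe'" /rl HIGHEST /f

Each schtasks call registers a task that runs at every logon (/sc ONLOGON) with the highest available run level (/rl HIGHEST), and /f overwrites an existing task of the same name without prompting. The task and file names (WUDFHost, Idle, lsm) are those of genuine Windows processes, so the name alone does not identify these entries; the /tr target path does, since the genuine WUDFHost.exe and lsm.exe reside under %WINDIR%\System32 rather than in %ProgramFiles%\tmproxy, %ALLUSERSPROFILE%\Favorites or C:\Far2.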