Technical Information
- %WINDIR%\explorer.exe
- %TEMP%\content\3764-4092-wscript.exe-23-37-46-717.dump
- %TEMP%\content\3764-4092-wscript.exe-23-37-46-722.dump
- %TEMP%\content\3764-4092-wscript.exe-23-37-46-794.dump
- %TEMP%\content\3764-4092-wscript.exe-23-37-47-044.dump
- %TEMP%\content\3764-4092-wscript.exe-23-37-47-559.dump
- %TEMP%\content\3764-4092-wscript.exe-23-37-48-016.dump
- %TEMP%\content\3764-4092-wscript.exe-23-37-48-029.dump
- %TEMP%\vmqno0fe6
- %ProgramFiles%\UNP\Logs\UpdateNotificationPipeline.001.etl
- http://7t###wer.com/yetgt1
- http://fw##es.de/xmtxufz
- http://is##ool.org/iobskh
- http://www.is##ool.org/iobskh
- http://sk####omodedovo.ru/in6kx
- http://co######iscovered.com.au/x0je0oyo
- DNS ASK 7t###wer.com
- DNS ASK fw##es.de
- DNS ASK is##ool.org
- DNS ASK sk####omodedovo.ru
- DNS ASK share.microsoft.com
- DNS ASK co######iscovered.com.au
- DNS ASK go.microsoft.com
- DNS ASK settings-win.data.microsoft.com
- DNS ASK maps.windows.com
- DNS ASK dl.delivery.mp.microsoft.com
- DNS ASK ar#.msn.com
- DNS ASK im##########-rt-microsoft-com.akamaized.net
- '<SYSTEM32>\devicecensus.exe' UserCxt
- '<SYSTEM32>\svchost.exe' -k netsvcs -p