Technical Information
- <SYSTEM32>\tasks\firefox default browser agent 89e1f769ca61846c
- %TEMP%\cc4f.tmp
- %APPDATA%\ujuwsrw
- %APPDATA%\ujuwsrw
- 'vi##rsi.com':80
- http://vi##rsi.com/upload/
- DNS ASK vi##rsi.com
- DNS ASK wo###ert.com
- DNS ASK wa##se.com
- '%APPDATA%\ujuwsrw'
- '%APPDATA%\ujuwsrw' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {ED061CA6-31F1-4B07-80AF-5FF3AB04AC64} S-1-5-21-1960123792-2022915161-3775307078-1001:unwkphmyqsny\user:Interactive:[1]