Technical Information
- <SYSTEM32>\tasks\nvngxupdatecheckdaily_{aefe271c-271c-271c-271c-aefe271c271c}
- %TEMP%\5c1b.tmp
- %APPDATA%\sfeufff
- %APPDATA%\ciaijga
- %APPDATA%\sfeufff
- %APPDATA%\ciaijga
- http://oc##.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D
- DNS ASK ol##us.casa
- DNS ASK microsoft.com
- DNS ASK oc##.thawte.com
- DNS ASK st####.rapidssl.com
- '<SYSTEM32>\cmd.exe'
- '<SYSTEM32>\wbem\wmic.exe' /namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /format:csv
- '<SYSTEM32>\wbem\wmic.exe' /namespace:\\root\SecurityCenter2 Path FirewallProduct Get displayName /format:csv
- '<SYSTEM32>\wbem\wmic.exe' /namespace:\\root\SecurityCenter2 Path AntiSpywareProduct Get displayName /format:csv
- '<SYSTEM32>\wbem\wmic.exe' /namespace:\\root\cimv2 Path Win32_Processor Get Name,DeviceID,NumberOfCores /format:csv
- '<SYSTEM32>\wbem\wmic.exe' /namespace:\\root\cimv2 Path Win32_Product Get Name,Version /format:csv