Technical Information
- <SYSTEM32>\tasks\a8923138589231385
- <SYSTEM32>\tasks\dd8923138589231385
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\bzjx5bke\navcancl[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\re1n75kr\errorpagetemplate[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\0u8lpyu9\errorpagestrings[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\caasbycl\httperrorpagesscripts[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\bzjx5bke\background_gradient[2]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\bzjx5bke\info_48[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\0u8lpyu9\bullet[1]
- DNS ASK mo###yslo.pw
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '<Full path to file>' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {4F323A32-6C06-4FE4-958B-DE6252587DA7} S-1-5-21-1960123792-2022915161-3775307078-1001:vjmwhgtxhc\user:Interactive:[1]