Technical Information
- <SYSTEM32>\tasks\servicehub vsdetouredhost
- ClassName: 'OLLYDBG', WindowName: ''
- %LOCALAPPDATA%\jaxxliberty\servicehub.identityhost.exe
- %LOCALAPPDATA%\jaxxliberty\servicehub.identityhost.exe
- 'ip###ger.org':80
- 'ip###ger.org':443
- 'microsoft.com':80
- 'oc##.thawte.com':80
- 'ip###ger.org':443
- DNS ASK ip###ger.org
- DNS ASK microsoft.com
- DNS ASK we###thg.pro
- DNS ASK oc##.thawte.com
- '%LOCALAPPDATA%\jaxxliberty\servicehub.identityhost.exe' <Full path to file>
- '%WINDIR%\syswow64\schtasks.exe' /Create /SC MINUTE /MO 5 /TN "ServiceHub VSDetouredHost" /TR "%LOCALAPPDATA%\JaxxLiberty\ServiceHub.IdentityHost.exe" /F' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Create /SC MINUTE /MO 5 /TN "ServiceHub VSDetouredHost" /TR "%LOCALAPPDATA%\JaxxLiberty\ServiceHub.IdentityHost.exe" /F