Technical Information
- <SYSTEM32>\tasks\firefox default browser agent 5f0511faf9cddb61
- %TEMP%\cc4f.tmp
- %APPDATA%\twbwtfi
- %APPDATA%\twbwtfi
- %TEMP%\cc4f.tmp
- %TEMP%\cc4f.tmp
- 'pp##pb.com':80
- 'tw##mel.com':80
- 'la####tasonora.com':80
- http://pp##pb.com/upload/
- http://tw##mel.com/upload/
- http://la####tasonora.com/upload/
- DNS ASK pp##pb.com
- DNS ASK tw##mel.com
- DNS ASK ho###cash.com
- DNS ASK la####tasonora.com
- DNS ASK kp###ques.com
- '%APPDATA%\twbwtfi'
- '%APPDATA%\twbwtfi' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {8DEB69CD-69D4-43CE-B212-05DCEE0C729C} S-1-5-21-1960123792-2022915161-3775307078-1001:mwpqftmreed\user:Interactive:[1]