Technical Information
- <SYSTEM32>\tasks\firefox default browser agent a6393a2f7c7bf1f9
- %WINDIR%\explorer.exe
- %HOMEPATH%\desktop\1189.jpeg
- %HOMEPATH%\desktop\aoc_saq_d_v3_merchant.docx
- %HOMEPATH%\desktop\dial.bmp
- %HOMEPATH%\desktop\hanni_umami_chapter.doc
- %APPDATA%\wfcvbfc
- '%APPDATA%\wfcvbfc'
- '%APPDATA%\wfcvbfc' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {7361CF46-4E86-4327-A48F-226CB8FDC1CC} S-1-5-21-1960123792-2022915161-3775307078-1001:zvoeqj\user:Interactive:[1]