Technical Information
- <SYSTEM32>\tasks\firefox default browser agent 5faa5645c9a6ea6c
- %APPDATA%\tcrbetr
- 'gu##ntas.at':80
- 'ki###irate.ru':80
- 'ki###irate.ru':443
- http://gu##ntas.at/tmp/
- http://ki###irate.ru/tmp/
- DNS ASK gu##ntas.at
- DNS ASK pi##6.ru
- DNS ASK ro###iauto.com
- DNS ASK ki###irate.ru
- '%APPDATA%\tcrbetr'
- '%APPDATA%\tcrbetr' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {15683592-3CD2-4770-BEAF-C0F11076542D} S-1-5-21-1238866942-1249195528-555854008-1000:hjtwmprqhsg\user:Interactive:[1]