Technical Information
- <SYSTEM32>\tasks\{3565e5e7-976c-4e04-1c04-572e6f81c1b1}
- %WINDIR%\temp\0022-1.dll
- %APPDATA%\{7ec46f6b-f04c-2eb1-1134-5aa0876d660c}\{04507df6-6e4f-ff3b-8102-1eb3f3a6f6a7}\beuzpuaceb.dll
- 'mo####fastnow.com':443
- 'mo####fastnow.com':80
- 'je###poster.com':443
- http://mo####fastnow.com/
- 'mo####fastnow.com':443
- 'je###poster.com':443
- DNS ASK mo####fastnow.com
- DNS ASK sk###helres.com
- DNS ASK je###poster.com
- '<SYSTEM32>\cmd.exe' /C rundll32.exe %APPDATA%\{7EC46F6B-F04C-2EB1-1134-5AA0876D660C}\{04507DF6-6E4F-FF3B-8102-1EB3F3A6F6A7}\Beuzpuaceb.dll,#1 (with hidden window)
- '<SYSTEM32>\regsvr32.exe' C://windows/Temp/0022-1.dll
- '<SYSTEM32>\cmd.exe' /C rundll32.exe %APPDATA%\{7EC46F6B-F04C-2EB1-1134-5AA0876D660C}\{04507DF6-6E4F-FF3B-8102-1EB3F3A6F6A7}\Beuzpuaceb.dll,#1
- '<SYSTEM32>\rundll32.exe' %APPDATA%\{7EC46F6B-F04C-2EB1-1134-5AA0876D660C}\{04507DF6-6E4F-FF3B-8102-1EB3F3A6F6A7}\Beuzpuaceb.dll,#1