Technical Information
- %WINDIR%\tasks\handylogs.job
- %ALLUSERSPROFILE%\application data\{001ff30e-ecea-2568-001f-ff30eececc3b}\<File name>.exe
- %ALLUSERSPROFILE%\application data\{001ff30e-ecea-2568-001f-ff30eececc3b}\<File name>.dat
- DNS ASK ri###ynorth.biz
- DNS ASK al####el-pro.com
- DNS ASK ge####ltiple.link
- DNS ASK fu###et.link