Technical Information
- %WINDIR%\tasks\momentcapture.job
- %ALLUSERSPROFILE%\application data\{81f56a5d-2fe3-d537-81f5-56a5d2fea974}\<File name>.exe
- %ALLUSERSPROFILE%\application data\{81f56a5d-2fe3-d537-81f5-56a5d2fea974}\<File name>.dat
- DNS ASK ri###ynorth.biz
- DNS ASK ce####-ring.link
- DNS ASK gr###model.biz