Technical Information
- %WINDIR%\tasks\medifees.job
- <SYSTEM32>\tasks\medifees
- %PROGRAMDATA%\{3e6a44f7-76f7-de19-3e6a-a44f776f13dd}\<File name>.exe
- %PROGRAMDATA%\{3e6a44f7-76f7-de19-3e6a-a44f776f13dd}\<File name>.dat
- DNS ASK mo###odel.biz
- DNS ASK ge###luesee.com
- DNS ASK pa###tmodel.biz