Technical Information
- <SYSTEM32>\tasks\ms cloud disk
- <SYSTEM32>\svchost.exe
- %APPDATA%\cloudapp\ongteuvr.exe
- %WINDIR%\temp\~dfcb9c0d71e02f507c.tmp
- %APPDATA%\cloudapp\settings.ini
- %WINDIR%\temp\~dfcb9c0d71e02f507c.tmp
- '51.##4.69.244':443
- '%APPDATA%\cloudapp\ongteuvr.exe'
- '<SYSTEM32>\svchost.exe' ' (with hidden window)
- '%APPDATA%\cloudapp\ongteuvr.exe' ' (with hidden window)
- '<SYSTEM32>\svchost.exe'