Technical Information
- <SYSTEM32>\tasks\ms visual extension
- <SYSTEM32>\svchost.exe
- %APPDATA%\reactapp\yscdvrq.exe
- %WINDIR%\temp\~df442d9758a8560a21.tmp
- %APPDATA%\reactapp\settings.ini
- %WINDIR%\temp\~df442d9758a8560a21.tmp
- '46.##.41.229':443
- '%APPDATA%\reactapp\yscdvrq.exe'
- '<SYSTEM32>\svchost.exe' ' (with hidden window)
- '%APPDATA%\reactapp\yscdvrq.exe' ' (with hidden window)
- '<SYSTEM32>\svchost.exe'