Technical Information
- %WINDIR%\tasks\dailybooks.job
- <SYSTEM32>\tasks\dailybooks
- %PROGRAMDATA%\{1ecd555f-eb57-250c-1ecd-d555feb5557f}\<File name>.exe
- %PROGRAMDATA%\{1ecd555f-eb57-250c-1ecd-d555feb5557f}\<File name>.dat
- DNS ASK ge####ltiple.link
- DNS ASK ge###luesee.com
- DNS ASK gr###model.biz