Technical Information
- <SYSTEM32>\tasks\microsoft localmanager [910416086]
- %PROGRAMDATA%\{86844643-8684-8684-868446436966}\csrss.exe
- %PROGRAMDATA%\{86844643-8684-8684-868446436966}\csrss.exe
- DNS ASK google-public-dns-a.google.com
- '%PROGRAMDATA%\{86844643-8684-8684-868446436966}\csrss.exe'
- '%WINDIR%\syswow64\schtasks.exe' /create /sc minute /tn "Microsoft LocalManager [910416086]" /f /tr "%PROGRAMDATA%\{86844643-8684-8684-868446436966}\csrss.exe"' (with hidden window)
- '%PROGRAMDATA%\{86844643-8684-8684-868446436966}\csrss.exe' ' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /create /sc minute /tn "Microsoft LocalManager [910416086]" /f /tr "%PROGRAMDATA%\{86844643-8684-8684-868446436966}\csrss.exe"
- '<SYSTEM32>\taskeng.exe' {B49B6B27-9AD2-4F33-99C5-D6CB2287BB48} S-1-5-21-1960123792-2022915161-3775307078-1001:ffshwrh\user:Interactive:[1]