Technical Information
- <SYSTEM32>\tasks\home http service
- <SYSTEM32>\svchost.exe
- %PROGRAMDATA%\حلرائوشخ.exe
- %APPDATA%\httpservice\حلرائوشخ.exe
- %APPDATA%\httpservice\settings.ini
- %WINDIR%\temp\cab683e.tmp
- %WINDIR%\temp\tar683f.tmp
- %WINDIR%\temp\cab684f.tmp
- %WINDIR%\temp\tar6860.tmp
- %WINDIR%\temp\cab683e.tmp
- %WINDIR%\temp\tar683f.tmp
- %WINDIR%\temp\cab684f.tmp
- %WINDIR%\temp\tar6860.tmp
- '14#.#1.79.12':443
- '%PROGRAMDATA%\حلرائوشخ.exe'
- '%APPDATA%\httpservice\حلرائوشخ.exe'
- '%PROGRAMDATA%\حلرائوشخ.exe' ' (with hidden window)
- '<SYSTEM32>\svchost.exe' ' (with hidden window)
- '%APPDATA%\httpservice\حلرائوشخ.exe' ' (with hidden window)
- '<SYSTEM32>\svchost.exe'