Technical Information
- <SYSTEM32>\tasks\download http service
- <SYSTEM32>\svchost.exe
- %PROGRAMDATA%\анаоすは래별.exe
- %APPDATA%\nuiget\анаоすは래별.exe
- %APPDATA%\nuiget\settings.ini
- %WINDIR%\temp\cabc4ba.tmp
- %WINDIR%\temp\tarc4bb.tmp
- %WINDIR%\temp\cabc4dc.tmp
- %WINDIR%\temp\tarc4dd.tmp
- %WINDIR%\temp\cabc4ba.tmp
- %WINDIR%\temp\tarc4bb.tmp
- %WINDIR%\temp\cabc4dc.tmp
- %WINDIR%\temp\tarc4dd.tmp
- '14#.91.79.9':443
- '%PROGRAMDATA%\анаоすは래별.exe'
- '%APPDATA%\nuiget\анаоすは래별.exe'
- '%PROGRAMDATA%\анаоすは래별.exe' (with hidden window)
- '<SYSTEM32>\svchost.exe' (with hidden window)
- '%APPDATA%\nuiget\анаоすは래별.exe' (with hidden window)
- '<SYSTEM32>\svchost.exe'