Technical Information
- %WINDIR%\microsoft.net\framework\v4.0.30319\addinprocess32.exe
- %WINDIR%\microsoft.net\framework\v4.0.30319\addinprocess.exe
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
- %TEMP%\tempdatabase2020-03-08t13_57_46.1192031-07_001616
- %TEMP%\tempdatabase2020-03-08t13_57_47.2754531-07_001616
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://81.###.136.223:2012/websocket via 81.##7.136.223
- DNS ASK na.###direadyfi.ru
- '%WINDIR%\microsoft.net\framework\v4.0.30319\addinprocess32.exe'