Technical Information
- <SYSTEM32>\tasks\lime_0.5
- %APPDATA%\googlecrushhandler\googlehandler.exe
- %APPDATA%\googlecrushhandler\googlehandler.exe
- '11#.#14.35.66':1919
- 'pa###bin.com':443
- DNS ASK pa###bin.com
- '%APPDATA%\googlecrushhandler\googlehandler.exe'
- '<SYSTEM32>\schtasks.exe' /create /f /sc minute /mo 1 /tn Lime_0.5 /tr %APPDATA%\GoogleCrushHandler\GoogleHandler.exe' (with hidden window)
- '%APPDATA%\googlecrushhandler\googlehandler.exe' ' (with hidden window)
- '<SYSTEM32>\schtasks.exe' /create /f /sc minute /mo 1 /tn Lime_0.5 /tr %APPDATA%\GoogleCrushHandler\GoogleHandler.exe
- '<SYSTEM32>\taskeng.exe' {6F661538-7554-49B2-9D4E-CEB9CD22084C} S-1-5-21-1960123792-2022915161-3775307078-1001:iqtbnetho\user:Interactive:[1]