Technical Information
- %WINDIR%\syswow64\svchost.exe
- firefox.exe
- firefox.exe process, nss3.dll module
- %TEMP%\45c18fb1
- %TEMP%\tmpc8af.tmp
- %LOCALAPPDATA%\applicationhistory\e70b019f.dat
- %TEMP%\tmp53a0.tmp
- %TEMP%\18270f82.dat
- %TEMP%\tmp435b.tmp
- %TEMP%\tmp43d6.tmp
- %TEMP%\tmp48be.tmp
- %LOCALAPPDATA%\adobe\color\c5a1ff8b.dat
- 'be##.#ally02.org':80
- http://13#.#88.40.189/tor/status-vote/current/consensus
- http://19#.#3.244.244/tor/status-vote/current/consensus
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://be##.#ally02.org/f.php
- DNS ASK i.##gur.com
- DNS ASK microsoft.com
- DNS ASK be##.#ally02.org
- '%WINDIR%\syswow64\svchost.exe'