Technical Information
- <SYSTEM32>\tasks\firefox default browser agent fbd2a8a8af9ee894
- %TEMP%\d47f.tmp
- %APPDATA%\tgwhibu
- %APPDATA%\tgwhibu
- 're###at35xm.xyz':80
- 'de###ot2cx.club':80
- DNS ASK re###at35xm.xyz
- DNS ASK de###ot2cx.club
- '%APPDATA%\tgwhibu'
- '%APPDATA%\tgwhibu' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {90F5DE8F-0027-4770-9315-F569B761A66D} S-1-5-21-1960123792-2022915161-3775307078-1001:dipmegzb\user:Interactive:[1]