Technical Information
- <SYSTEM32>\tasks\firefox default browser agent 1c8ed1c5d806a549
- %WINDIR%\explorer.exe
- %APPDATA%\bejrsev
- %APPDATA%\bejrsev
- 'au###ney.com':80
- http://au###ney.com/upload/
- DNS ASK au###ney.com
- DNS ASK th###mmum.com
- DNS ASK at####pingtrips.com
- DNS ASK ku####ualaman.com
- DNS ASK re####zarazua.com
- DNS ASK na###mutlu.com
- '%APPDATA%\bejrsev'
- '%APPDATA%\bejrsev' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {86989229-16BF-4697-815B-FC439C67F2CA} S-1-5-21-1960123792-2022915161-3775307078-1001:cmrpwcauo\user:Interactive:[1]