Technical Information
- <SYSTEM32>\tasks\firefox default browser agent 0709966083c5c228
- %WINDIR%\explorer.exe
- urchbws
- %APPDATA%\urchbws
- %APPDATA%\urchbws
- 'fi#####in-host-12.com':80
- 'tr##sfer.sh':443
- 'bi###cket.org':443
- 'an###iles.com':443
- http://fi#####in-host-12.com/
- 'tr##sfer.sh':443
- 'bi###cket.org':443
- 'an###iles.com':443
- DNS ASK ho#####ta-coin-11.com
- DNS ASK fi#####in-host-12.com
- DNS ASK tr##sfer.sh
- DNS ASK bi###cket.org
- DNS ASK an###iles.com
- '%APPDATA%\urchbws'
- '%APPDATA%\urchbws' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {93B50BD1-1F42-404C-8CA5-E2F5EB94ED07} S-1-5-21-1960123792-2022915161-3775307078-1001:obdqbtagqvj\user:Interactive:[1]