Technical Information
- <SYSTEM32>\tasks\windowsupdatesvc
- %ALLUSERSPROFILE%\windowsupdatesvc\iexplorer.exe
- %ALLUSERSPROFILE%\windowsupdatesvc\iexplorer.exe
- 'ba##u.com':80
- '11#.#2.4.192':443
- http://www.ba##u.com/
- DNS ASK ba##u.com
- '%ALLUSERSPROFILE%\windowsupdatesvc\iexplorer.exe'
- '%ALLUSERSPROFILE%\windowsupdatesvc\iexplorer.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ping 127.0.0.1 -n 60
- '%WINDIR%\syswow64\ping.exe' 127.0.0.1 -n 60
- '<SYSTEM32>\taskeng.exe' {2C811F03-B565-4227-B17A-7364DFB06E48} S-1-5-21-1960123792-2022915161-3775307078-1001:jnwipcsbleot\user:Interactive:[1]