Technical Information
- <SYSTEM32>\tasks\firefox default browser agent 41abc49afcbbc9fb
- %APPDATA%\fsbitbv
- %TEMP%\298f.exe
- %TEMP%\3784.exe
- %TEMP%\8595.exe
- %TEMP%\a7c6.exe
- %TEMP%\b648.exe
- %APPDATA%\fsbitbv
- 'po###ulit.org':80
- 'op#####nstruction.com':443
- '19#.#10.203.101':80
- '77.##.134.27':80
- http://19#.#10.203.101/puta/japanx86.exe
- http://77.##.134.27/llpb1133.exe
- http://po###ulit.org/
- 'op#####nstruction.com':443
- DNS ASK po###ulit.org
- DNS ASK op#####nstruction.com
- '%TEMP%\298f.exe'
- '%TEMP%\3784.exe'
- '%TEMP%\8595.exe'
- '%TEMP%\a7c6.exe'
- '%TEMP%\b648.exe'
- '<SYSTEM32>\werfault.exe' -u -p 1656 -s 56' (with hidden window)