Technical Information
- <SYSTEM32>\tasks\firefox default browser agent cf52b8642eadb801
- %APPDATA%\stiavwb
- %APPDATA%\stiavwb
- 'gr##nbi.net':80
- http://gr##nbi.net/tmp/
- DNS ASK gr##nbi.net
- DNS ASK sp###dyn.com
- DNS ASK pi##6.ru
- '%APPDATA%\stiavwb'
- '%APPDATA%\stiavwb' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {FB1C95DE-9487-4FBE-B030-52CD04AEDCDC} S-1-5-21-1238866942-1249195528-555854008-1000:rjtzuqq\user:Interactive:[1]