Technical Information
- <SYSTEM32>\tasks\firefox default browser agent f4e8971db5a4459a
- %APPDATA%\ddfwrwe
- %APPDATA%\ddfwrwe
- 'su####lituyo.org':80
- 'sn####ukeutit.org':80
- 'li#####insteniki.org':80
- 'li####oumumy.org':80
- 'st#####luyastrelia.net':80
- 'cr####tikfenbut.org':80
- http://su####lituyo.org/
- http://sn####ukeutit.org/
- http://li#####insteniki.org/
- http://li####oumumy.org/
- http://st#####luyastrelia.net/
- http://cr####tikfenbut.org/
- DNS ASK on###ituyrs.org
- DNS ASK su####lituyo.org
- DNS ASK sn####ukeutit.org
- DNS ASK li#####insteniki.org
- DNS ASK li####oumumy.org
- DNS ASK st#####luyastrelia.net
- DNS ASK ku####artyty.net
- DNS ASK cr####tikfenbut.org
- DNS ASK to####uyaytre.org
- DNS ASK ty####nuewqy.org
- '%APPDATA%\ddfwrwe'
- '%APPDATA%\ddfwrwe' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {1B49953A-1E84-4916-848F-1C3116CBBD77} S-1-5-21-1238866942-1249195528-555854008-1000:knhfnfd\user:Interactive:[1]