Technical Information
- %WINDIR%\tasks\update23.job
- <SYSTEM32>\tasks\update23
- <Drive name for removable media>:\a14c9750 .exe
- %ProgramFiles(x86)%\a14c9750\jusched.exe
- %ProgramFiles(x86)%\a14c9750\a14c9750
- %ALLUSERSPROFILE%\microsoft\crypto\rsa\s-1-5-18\d42cc0c3858a58db2db37658219e6400_d99ef00b-ccd3-4f1d-9980-90ac453b0b47
- %ProgramFiles(x86)%\a14c9750\a14c9750
- 'ft#.#ripod.com':21
- 'ft#.#ripod.com':21
- DNS ASK el######86444.el.funpic.org
- DNS ASK gr#####oji.host-ed.net
- DNS ASK ft#.#ripod.com
- '%ProgramFiles(x86)%\a14c9750\jusched.exe'