Technical Information
- %WINDIR%\explorer.exe
- %TEMP%\content\3684-3616-wscript.exe-23-37-59-299.dump
- %TEMP%\content\3684-3616-wscript.exe-23-37-59-765.dump
- %TEMP%\content\3684-3616-wscript.exe-23-38-01-647.dump
- %TEMP%\eawagjsyyfd3
- %ProgramFiles%\UNP\Logs\UpdateNotificationPipeline.001.etl
- http://ja###ackova.cz/487ygfh?Ea#####################
- http://ne##ogic.fr/487ygfh?Ea#####################
- http://li#####ealthyworld.com/487ygfh?Ea#####################
- '<SYSTEM32>\devicecensus.exe' UserCxt
- '<SYSTEM32>\svchost.exe' -k netsvcs -p