Technical Information
- <SYSTEM32>\usrrtosa0.exe
- <SYSTEM32>\usrrtosa0.exe
- <SYSTEM32>\usrrtosa0.exe
- <SYSTEM32>\Restore\MachineGuid.txt
- 'localhost':1038
- '19#.#4.213.243':80
- 19#.#4.213.243/adfclick
- DNS ASK so#####ngclosely.com
- '<Private IP address>':1035
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''