Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\windowsdefender.url
- %WINDIR%\syswow64\svchost.exe
- %HOMEPATH%\windowsdefender\windowsdefender.vbs
- %HOMEPATH%\windowsdefender\appventstreamingmanager.exe
- 'st#####iarra.ddns.net':3360
- DNS ASK st#####iarra.ddns.net
- '%WINDIR%\syswow64\svchost.exe'