Technical Information
- %WINDIR%\explorer.exe
- %TEMP%\content\3912-872-wscript.exe-04-20-47-611.dump
- %TEMP%\content\3912-872-wscript.exe-04-20-47-706.dump
- %TEMP%\content\3912-872-wscript.exe-04-20-47-970.dump
- %TEMP%\0n0p34ublys2
- %ProgramFiles%\UNP\Logs\UpdateNotificationPipeline.001.etl
- '<SYSTEM32>\wscript.exe' /b /nologo <PATH_SAMPLE>.js
- '<SYSTEM32>\devicecensus.exe' UserCxt
- '<SYSTEM32>\svchost.exe' -k netsvcs -p