Technical Information
- <SYSTEM32>\tasks\firefox default browser agent 1344ccc888ef0a09
- %TEMP%\cc4f.tmp
- %APPDATA%\fibrsdu
- %APPDATA%\fibrsdu
- %TEMP%\cc4f.tmp
- 'ov###un.monster':80
- 'di###bossin.com':80
- http://ov###un.monster/upload/
- http://di###bossin.com/upload/
- DNS ASK ov###un.monster
- DNS ASK ov##sun.net
- DNS ASK di###bossin.com
- DNS ASK du###.monster
- DNS ASK ja###.monster
- '%APPDATA%\fibrsdu'
- '%APPDATA%\fibrsdu' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {35397B74-5C98-4DE2-BC5C-E353A119D2AE} S-1-5-21-1960123792-2022915161-3775307078-1001:yglbfgs\user:Interactive:[1]