Technical Information
- %WINDIR%\tasks\wow64.job
- <SYSTEM32>\tasks\wow64
- %WINDIR%\tasks\kitgrepcnalwjuhsfqd.job
- <SYSTEM32>\tasks\kitgrepcnalwjuhsfqd
- %WINDIR%\temp\vitgr.exe
- %WINDIR%\tasks\wow64.job
- %WINDIR%\tasks\kitgrepcnalwjuhsfqd.job
- <SYSTEM32>\tasks\kitgrepcnalwjuhsfqd
- <SYSTEM32>\tasks\wow64
- '88.##8.147.80':4174
- 'wa###twasabi.io':80
- '88.##8.147.80':4174
- DNS ASK wa###twasabi.io
- '%WINDIR%\temp\vitgr.exe'
- '%WINDIR%\temp\vitgr.exe' start
- '<Full path to file>' start' (with hidden window)
- '%WINDIR%\temp\vitgr.exe' ' (with hidden window)
- '%WINDIR%\temp\vitgr.exe' start' (with hidden window)