Technical Information
- %WINDIR%\tasks\fastsync.job
- <SYSTEM32>\tasks\fastsync
- %ALLUSERSPROFILE%\{eef116d5-3544-a1fc-eef1-116d53545b54}\<File name>.exe
- %ALLUSERSPROFILE%\{eef116d5-3544-a1fc-eef1-116d53545b54}\<File name>.dat
- 'mo###odel.biz':80
- 'ri###ynorth.biz':80
- DNS ASK mo###odel.biz
- DNS ASK al####el-pro.com
- DNS ASK ri###ynorth.biz