Technical Information
- %WINDIR%\tasks\capturehigh.job
- <SYSTEM32>\tasks\capturehigh
- '%TEMP%\18onlygirlsdiscoveringanewworldmonroe.exe-1623822939031.exe'
- %TEMP%\18onlygirlsdiscoveringanewworldmonroe.exe-1623822939031.exe
- %ALLUSERSPROFILE%\{fdf74bbf-000b-a9a4-fdf7-74bbf0002efc}\18onlygirlsdiscoveringanewworldmonroe.exe-1623822939031.exe
- %ALLUSERSPROFILE%\{fdf74bbf-000b-a9a4-fdf7-74bbf0002efc}\18onlygirlsdiscoveringanewworldmonroe.exe-1623822939031.dat
- %TEMP%\18onlygirlsdiscoveringanewworldmonroe.exe-1623822939031.exe
- 'ge####uesee.info':80
- 'ce####-ring.link':80
- 'ri###ynorth.biz':80
- DNS ASK ge####uesee.info
- DNS ASK ce####-ring.link
- DNS ASK ri###ynorth.biz
- '%TEMP%\18onlygirlsdiscoveringanewworldmonroe.exe-1623822939031.exe' ' (with hidden window)