Technical Information
- <SYSTEM32>\tasks\runasstduser task
- %TEMP%\iwingames\downloads\file_4504160701221368924.unk
- <SYSTEM32>\tasks\runasstduser task
- %TEMP%\iwingames\downloads\file_4504160701221368924.unk
- 'up###e.iwin.com':80
- http://up###e.iwin.com/dgu?ga##########################
- DNS ASK up###e.iwin.com
- ClassName: '#32770' WindowName: 'iWin Games Manager'
- '<Full path to file>' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {6A276431-9289-40ED-AA0F-81D22F11AD12} S-1-5-21-1960123792-2022915161-3775307078-1001:nkyzwyfnd\user:Interactive:[1]