Technical Information
- Windows Defender
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\{B0A84E9F-A6CE-4B49-B57D-94D1A1BCD5AE}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions] 'exe' = ...
- [<HKLM>\Software\Policies\Microsoft\Windows Defender\Exclusions\Extensions] 'exe' = ''
- %WINDIR%\syswow64\grouppolicy\gpt.ini
- %ALLUSERSPROFILE%\ntuser.pol
- '<SYSTEM32>\raserver.exe' /offerraupdate