Technical Information
- <SYSTEM32>\tasks\microsoft\windows\sys
- %LOCALAPPDATA%\microsoft\windows\hyper-v.exe
- %LOCALAPPDATA%\hyper-v.ver
- 'ki#####msiieeyqa.xyz':443
- 'ew#####gqswqesiw.xyz':443
- http://ew######qswqesiw.xyz:443/avast_update via ew#####gqswqesiw.xyz
- http://ew######qswqesiw.xyz:443/api/client_hello via ew#####gqswqesiw.xyz
- DNS ASK ki#####msiieeyqa.xyz
- DNS ASK ss#####uowqcwsqo.xyz
- DNS ASK yk#####uummieaug.xyz
- DNS ASK ew#####gqswqesiw.xyz
- '%WINDIR%\syswow64\systeminfo.exe'