Technical Information
- <SYSTEM32>\tasks\firefox default browser agent f72750c8bcb168a3
- %APPDATA%\biureui
- %APPDATA%\biureui
- 'gr##nbi.net':80
- http://gr##nbi.net/tmp/
- DNS ASK gr##nbi.net
- DNS ASK sp###dyn.com
- DNS ASK pi##6.ru
- '%APPDATA%\biureui'
- '%APPDATA%\biureui' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {FA60CAA4-FDF5-4769-8617-5A8A2F76AD02} S-1-5-21-3150914307-1777937420-491476919-1000:twfmgmlbgxh\user:Interactive:[1]