Technical Information
- %WINDIR%\Tasks\imbdhsd.job
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\1F356F4D07FE8C483E769E4586569404
- %TEMP%\greddfe.exe
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\1F356F4D07FE8C483E769E4586569404
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\B69D763EB21649DA26F20618312DEE70
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\B69D763EB21649DA26F20618312DEE70
- %WINDIR%\Tasks\imbdhsd.job
- 'cr#.##modoca.com':80
- 'cr#.##ertrust.com':80
- 'wp#d':80
- cr#.##modoca.com/COMODOCodeSigningCA2.crl
- cr#.##ertrust.com/UTN-USERFirst-Object.crl
- wp#d/wpad.dat
- DNS ASK cr#.##modoca.com
- DNS ASK cr#.##ertrust.com
- DNS ASK wp#d