Technical Information
- %WINDIR%\tasks\pocketcb.job
- %ALLUSERSPROFILE%\application data\{842e9beb-1cdb-e00d-842e-e9beb1cd6fac}\<File name>.exe
- %ALLUSERSPROFILE%\application data\{842e9beb-1cdb-e00d-842e-e9beb1cd6fac}\<File name>.dat
- DNS ASK gr###model.biz
- DNS ASK ge####ltiple.link
- DNS ASK ge###luesee.com