Technical Information
- '<SYSTEM32>\wscript.exe' "%TEMP%\issou.vbs"
- '<SYSTEM32>\taskkill.exe' /F /IM taskmgr.exe
- '<SYSTEM32>\cmd.exe' /c taskkill /F /IM cmd.exe
- '<SYSTEM32>\taskkill.exe' /F /IM cmd.exe
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 1532
- '<SYSTEM32>\cmd.exe' /k takeown /f <SYSTEM32>\hal.dll && icacls <SYSTEM32>\hal.dll /grant %username%:F
- '<SYSTEM32>\cmd.exe' /c taskkill /F /IM taskmgr.exe
- '<SYSTEM32>\shutdown.exe' /s /t 135 -c "Dans 5 minutes tu n'as plus de PC fils de viol, le 18-25 t'a bien baise le cul :)"
- <SYSTEM32>\cmd.exe
- %TEMP%\melt.exe
- %TEMP%\3E36C.dmp
- %TEMP%\issou.exe
- %TEMP%\dw.log
- %TEMP%\issou.jpeg
- %TEMP%\issou.vbs
- %APPDATA%\Microsoft\Speech\Files\UserLexicons\SP_2B8E0B09470B482CBBF6B450D1501F98.dat
- <SYSTEM32>\hal.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'CicLoaderWndClass' WindowName: ''