Technical Information
- '<SYSTEM32>\taskkill.exe' /f /im rundll32.exe
- %TEMP%\7ZipSfx.000\94jM.cmd
- %TEMP%\7ZipSfx.000\SFcE.dll.zip
- %TEMP%\7ZipSfx.000\7za.dll
- %TEMP%\7ZipSfx.000\7za.exe
- %TEMP%\7ZipSfx.000\7zxa.dll
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\94jM.cmd" "
- '<SYSTEM32>\schtasks.exe' /Delete /tn "Tetemetry scheduled" /f
- '<SYSTEM32>\schtasks.exe' /delete /tn "Opera scheduled Autoupdate" /f
- '<SYSTEM32>\schtasks.exe' /delete /tn "%TEMP%\7ZipSfx.000\94jM.cmd"s84 /f
- '<SYSTEM32>\schtasks.exe' /delete /tn "Opera" /f
- '<SYSTEM32>\schtasks.exe' /delete /tn RpT /f