Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\svchost.exe
- %TEMP%\svchost.exe
- '18#.#6.148.147':5900
- '%TEMP%\svchost.exe'
- '%TEMP%\svchost.exe' -controlapp -slave
- '%TEMP%\svchost.exe' -controlapp -connect 185.86.148.147::5900
- '%TEMP%\svchost.exe' ' (with hidden window)
- '%TEMP%\svchost.exe' -controlapp -connect 185.86.148.147::5900' (with hidden window)