Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{G42IB12P-T6KF-U7PF-DRZT-2S584L9LW1SU}' = '"%ALLUSERSPROFILE%\Application Data\x86_netfx4-system.web.d..isualization.design_b03f5f7f11d50...
- from <Full path to file> to %ALLUSERSPROFILE%\application data\x86_netfx4-system.web.d..isualization.design_b03f5f7f11d50a3a_4.0.15788.0_none_211f588b4e51837e\adsldpc.exe
- '<SYSTEM32>\cmd.exe' /c icacls "%ALLUSERSPROFILE%\Application Data\x86_netfx4-system.web.d..isualization.design_b03f5f7f11d50a3a_4.0.15788.0_none_211f588b4e51837e" /inheritance:e /deny "*S-1-1-0:(R,REA,RA,RD)" & ic...' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c icacls "%ALLUSERSPROFILE%\Application Data\x86_netfx4-system.web.d..isualization.design_b03f5f7f11d50a3a_4.0.15788.0_none_211f588b4e51837e" /inheritance:e /deny "*S-1-1-0:(R,REA,RA,RD)" & ic...