Technical Information
- '<SYSTEM32>\taskkill.exe' /F /IM checkprocess.exe
- '<SYSTEM32>\taskkill.exe' /F /IM check.exe
- %TEMP%\ea47.tmp\ea48.bat
- %TEMP%\ea47.tmp\ea48.bat
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\EA47.tmp\EA48.bat <Full path to file>"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\EA47.tmp\EA48.bat <Full path to file>"
- '<SYSTEM32>\ping.exe' -n 1 192.168.0.205
- '<SYSTEM32>\findstr.exe' TTL
- '<SYSTEM32>\cmd.exe' /c "del /Q /F C:\Users\Admin\AppData\Local\Programs\syslog\check.txt"
- '<SYSTEM32>\cmd.exe' /c "start /b TASKKILL /F /IM checkprocess.exe"
- '<SYSTEM32>\cmd.exe' /c "start /b TASKKILL /F /IM check.exe"