Technical Information
- %TEMP%\hosts.cmd
- nul
- %TEMP%\hosts.cmd
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\hosts.cmd""' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\hosts.cmd""
- '%WINDIR%\syswow64\cmd.exe' /S /D /c" TYPE "<DRIVERS>\etc\hosts" "
- '%WINDIR%\syswow64\find.exe' /I "genuine.microsoft.com"
- '%WINDIR%\syswow64\find.exe' /I "mpa.one.microsoft.com"
- '%WINDIR%\syswow64\find.exe' /I "sls.microsoft.com"