Technical Information
- %TEMP%\~f8be.bat
- nul
- %TEMP%\~f8be.bat
- <DRIVERS>\etc\lmhosts.sam
- %TEMP%\~f8be.bat
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\~F8BE.bat "<Full path to file>"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\~F8BE.bat "<Full path to file>"
- '%WINDIR%\syswow64\cmd.exe' /S /D /c" echo y"
- '%WINDIR%\syswow64\cacls.exe' <DRIVERS>\etc\hosts /g everyone:f
- '%WINDIR%\syswow64\attrib.exe' -r -a -s -h <DRIVERS>\etc\hosts
- '%WINDIR%\syswow64\ping.exe' -n 3 127.1
- '%WINDIR%\syswow64\attrib.exe' +r +a +s +h <DRIVERS>\etc\hosts