Technical Information
- '<SYSTEM32>\taskkill.exe' /f /t /im vm_importer.exe
- <SYSTEM32>\cmd.exe
- %TEMP%\e5d4.tmp\e5e5.tmp\e5e6.bat
- %TEMP%\e5d4.tmp\e5e5.tmp\e5e6.bat
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\E5D4.tmp\E5E5.tmp\E5E6.bat <Full path to file>"
- '<SYSTEM32>\tasklist.exe' /nh
- '<SYSTEM32>\find.exe' /i "vm_importer.exe"