Technical Information
- %WINDIR%\win.ini
- %WINDIR%\syswow64\cmd.exe
- %TEMP%\w2kuifig15.gif
- %TEMP%\wikipedia-ru.xml
- %TEMP%\xattrtdb.x8664-linux-gnu.so
- %TEMP%\gdm3.prerm
- %TEMP%\hdf5stubimageplugin.py
- %TEMP%\officevstodynamiccontrolsfig1thumb.gif
- %TEMP%\vfp9rwinaction15.gif
- %TEMP%\fonts-tlwg-kinnari.prerm
- %TEMP%\u2ldts.dll
- %TEMP%\shiplap
- %TEMP%\megacities.exe
- %TEMP%\stimycontrabassoon.dll
- %TEMP%\11530781394624893199369.tmp-shm
- %TEMP%\1153250333550129321855.tmp-shm
- %TEMP%\11530781394624893199369.tmp-shm
- %TEMP%\1153250333550129321855.tmp-shm
- '%TEMP%\megacities.exe'
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\timeout.exe 3 & del "cmd.exe"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe'
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\timeout.exe 3 & del "cmd.exe"
- '%WINDIR%\syswow64\timeout.exe' 3