Technical Information
- [<HKCU>\software\microsoft\windows\currentversion\run] '{M8IVFR15-2135-704E-75I8-2IE4PE4442JE}' = '%APPDATA%\Microsoft\svchost.exe'
- %APPDATA%\microsoft\svchost.exe
- nul
- DNS ASK co####.servegame.com
- ClassName: 'Shell_traywnd' WindowName: ''
- '%APPDATA%\microsoft\svchost.exe'
- '%WINDIR%\syswow64\cmd.exe' /C ping 1.1.1.1 -n 1 -w 3000 > Nul & Del "<Full path to file>"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /C ping 1.1.1.1 -n 1 -w 3000 > Nul & Del "<Full path to file>"
- '%WINDIR%\syswow64\ping.exe' 1.1.1.1 -n 1 -w 3000