Technical Information
- <SYSTEM32>\tasks\gaming
- <SYSTEM32>\tasks\gaming2
- %TEMP%\rarsfx0\gaming.exe
- %TEMP%\rarsfx0\gaming.bat
- %TEMP%\gaming.exe
- %LOCALAPPDATA%\hywyfmmdwzps.zip
- '14#.#23.21.212':1111
- '14#.#23.97.239':445
- '14#.#23.97.239':139
- ClassName: 'EDIT' WindowName: ''
- '%TEMP%\gaming.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\RarSFX0\gaming.bat" "
- '%WINDIR%\syswow64\schtasks.exe' /Create /SC DAILY /TN gaming /TR "%TEMP%\gaming.exe" /ST 21:00 /F
- '%WINDIR%\syswow64\schtasks.exe' /Create /SC DAILY /TN gaming2 /TR "%TEMP%\gaming.exe" /ST 22:30 /F