Technical Information
- System File Checker (SFC)
- %TEMP%\_ta229.tmp
- %TEMP%\_ta239.tmp
- %WINDIR%\syswow64\rescom.dll
- %WINDIR%\syswow64\golnoia.dll
- %WINDIR%\syswow64\bitmap.bat
- '%WINDIR%\syswow64\sfc.exe' /REVERT' (with hidden window)
- '%WINDIR%\syswow64\sfc.exe' /REVERT
- '%WINDIR%\syswow64\rundll32.exe' <SYSTEM32>\golnoia.dll,init
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\bitmap.bat