Technical Information
- <SYSTEM32>\sysfxui.dll
- <Current directory>\run.sct
- <Current directory>\aaaaaaaaaaaaaaaaaaaaaaaa
- <Current directory>\output.tlb
- <Current directory>\sysfxui.dll
- <Current directory>\sysfxui.dll.bak
- %TEMP%\workspace\mountpoint\bitc05e.tmp
- %TEMP%\workspace\mountpoint\bitc05e.tmp
- <Current directory>\aaaaaaaaaaaaaaaaaaaaaaaa
- <Current directory>\output.tlb
- <Current directory>\run.sct
- <Current directory>\sysfxui.dll.bak
- from %TEMP%\workspace\mountpoint\bitc05e.tmp to %TEMP%\workspace\mountpoint\test.txt
- 'localhost':445
- 'localhost':49172
- '<SYSTEM32>\bitsadmin.exe' /reset /allusers' (with hidden window)
- '<SYSTEM32>\bitsadmin.exe' /reset /allusers
- '<SYSTEM32>\cmd.exe'