Technical Information
- <SYSTEM32>\tasks\updates\geyvffpqsbgetj
- %APPDATA%\geyvffpqsbgetj.exe
- %TEMP%\tmp67d6.tmp
- %TEMP%\tmp67d6.tmp
- '80.##9.229.192':15646
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Updates\GEyVFfPqSbGetJ" /XML "%TEMP%\tmp67D6.tmp"' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Updates\GEyVFfPqSbGetJ" /XML "%TEMP%\tmp67D6.tmp"