Technical Information
- %APPDATA%\edgecp\microsoftedgecps.exe
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\startup\microsoftedgecps.lnk
- %APPDATA%\edgecp\id.conf
- '18#.#93.88.150':80
- '%APPDATA%\edgecp\microsoftedgecps.exe'
- '%APPDATA%\edgecp\microsoftedgecps.exe' ' (with hidden window)
- '%WINDIR%\syswow64\wbem\wmic.exe' /Node:localhost /Namespace:\\root\SecurityCenter2 path AntiVirusProduct get DisplayName /FORMAT:List' (with hidden window)
- '%WINDIR%\syswow64\wbem\wmic.exe' os get caption /FORMAT:List' (with hidden window)
- '%WINDIR%\syswow64\wbem\wmic.exe' /Node:localhost /Namespace:\\root\SecurityCenter2 path AntiVirusProduct get DisplayName /FORMAT:List
- '%WINDIR%\syswow64\wbem\wmic.exe' os get caption /FORMAT:List