Technical Information
- Windows Defender
- '<SYSTEM32>\taskkill.exe' /IM <File name>.exe /F /T
- <SYSTEM32>\cmd.exe
- %TEMP%\c736528d-d2cd-414d-ac3b-0057360713c5.bat
- %TEMP%\unknownspf_log_2021_03_30__15_56_33_234.log
- <Full path to file>
- %TEMP%\c736528d-d2cd-414d-ac3b-0057360713c5.bat
- 'ip##.#tfismyip.com':443
- 'ip##.#tfismyip.com':443
- DNS ASK ip##.#tfismyip.com
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /C "%TEMP%\c736528d-d2cd-414d-ac3b-0057360713c5.bat"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C "%TEMP%\c736528d-d2cd-414d-ac3b-0057360713c5.bat"
- '<SYSTEM32>\attrib.exe' -r -s -h "<Full path to file>"