Technical Information
- Windows Defender
- '<SYSTEM32>\taskkill.exe' /IM <File name>.exe /F /T
- <SYSTEM32>\cmd.exe
- <Current directory>\112wgrds.utd
- %TEMP%\367b2d12-f58d-43d0-afa0-b10db958f461.bat
- %TEMP%\367b2d12-f58d-43d0-afa0-b10db958f461.bat
- <Current directory>\112wgrds.utd
- 'ip##.#tfismyip.com':443
- 'ip##.#tfismyip.com':443
- DNS ASK ip##.#tfismyip.com
- ClassName: '' WindowName: ''
- '<Current directory>\112wgrds.utd' ok
- '<SYSTEM32>\cmd.exe' /C "%TEMP%\367b2d12-f58d-43d0-afa0-b10db958f461.bat"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C "%TEMP%\367b2d12-f58d-43d0-afa0-b10db958f461.bat"
- '<SYSTEM32>\attrib.exe' -r -s -h "<Full path to file>"