Technical Information
- '<SYSTEM32>\taskkill.exe' /F /IM explorer.exe
- %WINDIR%\explorer.exe
- %TEMP%\37f1.tmp\3801.tmp\3802.bat
- %TEMP%\prompt_for_confirmation.vbs
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cscript.exe' %TEMP%\prompt_for_confirmation.vbs
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\37F1.tmp\3801.tmp\3802.bat <Full path to file>"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\37F1.tmp\3801.tmp\3802.bat <Full path to file>"
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -command "(new-object -com shell.application).minimizeall()"