Technical Information
- <SYSTEM32>\tasks\updates\dinmgsin
- %APPDATA%\dinmgsin.exe
- %TEMP%\tmpcdc.tmp
- %APPDATA%\remcos\logs.dat
- %APPDATA%\dinmgsin.exe
- %TEMP%\tmpcdc.tmp
- '91.##3.75.224':2142
- '91.##3.75.224':2142
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath "%APPDATA%\dinmgsIn.exe"
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Add-MpPreference -ExclusionPath "%APPDATA%\dinmgsIn.exe"' (with hidden window)
- '<SYSTEM32>\schtasks.exe' /Create /TN "Updates\dinmgsIn" /XML "%TEMP%\tmpCDC.tmp"' (with hidden window)
- '<SYSTEM32>\schtasks.exe' /Create /TN "Updates\dinmgsIn" /XML "%TEMP%\tmpCDC.tmp"