Technical Information
- Windows Defender
- '<SYSTEM32>\taskkill.exe' /IM <File name>.exe /F /T
- <SYSTEM32>\cmd.exe
- %APPDATA%\spf\unknown.log
- %TEMP%\ps3rd0oi.bat
- %TEMP%\f6dd8fee-a360-4ce2-8582-ed7aea94e5d6.bat
- %TEMP%\f6dd8fee-a360-4ce2-8582-ed7aea94e5d6.bat
- ClassName: '' WindowName: ''
- '%TEMP%\ps3rd0oi.bat' ok
- '<SYSTEM32>\cmd.exe' /C "%TEMP%\f6dd8fee-a360-4ce2-8582-ed7aea94e5d6.bat"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C "%TEMP%\f6dd8fee-a360-4ce2-8582-ed7aea94e5d6.bat"