Technical Information
- %TEMP%\45b6.tmp\45c7.bat
- nul
- %TEMP%\45b6.tmp\45c7.bat
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\45B6.tmp\45C7.bat <Full path to file>" (with hidden window)
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\45B6.tmp\45C7.bat <Full path to file>"
- '<SYSTEM32>\cacls.exe' "<SYSTEM32>\config\system"
- '<SYSTEM32>\attrib.exe' -r <DRIVERS>\etc\hosts
- '<SYSTEM32>\find.exe' /C /I "serial.arcabit.pl" <DRIVERS>\etc\hosts
- '<SYSTEM32>\find.exe' /C /I "mx.arcabit.com" <DRIVERS>\etc\hosts
- '<SYSTEM32>\find.exe' /C /I "updsvc.arcabit.pl" <DRIVERS>\etc\hosts
- '<SYSTEM32>\find.exe' /C /I "repmr2.arcabit.pl" <DRIVERS>\etc\hosts
- '<SYSTEM32>\find.exe' /C /I "repmr5.arcabit.pl" <DRIVERS>\etc\hosts
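- '<SYSTEM32>\attrib.exe' +r <DRIVERS>\etc\hosts
  (Note: `attrib -r` clears the read-only attribute on the hosts file and `attrib +r` sets it again; each `find /C /I` call counts case-insensitive matches of one Arcabit host name in that file. This sequence is consistent with checking for, and possibly adding, hosts entries for those names, but the report does not show what was written to the file.)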
- '%WINDIR%\regedit.exe' /s Key1.reg