Technical Information
- <SYSTEM32>\spoolsv.exe
- %WINDIR%\syswow64\xtimeout.exe
- <DRIVERS>\etc\hosts
- 'ty###heats.pro':443
- 'ty###heats.pro':443
- DNS ASK ty###heats.pro
- '%WINDIR%\syswow64\cmd.exe' /c md "%APPDATA%\Adobe\"
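- '%WINDIR%\syswow64\cacls.exe' "<DRIVERS>\etc\hosts" /e /g Users:f
- '%WINDIR%\syswow64\cacls.exe' "<DRIVERS>\etc\hosts" /e /g Administrators:f
- '%WINDIR%\syswow64\cacls.exe' "<DRIVERS>\etc\hosts" /e /g System:f
- '%WINDIR%\syswow64\attrib.exe' -s -h -r "<DRIVERS>\etc\hosts"
  (The cacls.exe calls edit the ACL of the hosts file to grant Users, Administrators and System full control (f); the attrib.exe call then clears its system, hidden and read-only attributes. Together they leave the hosts file writable, so cacls.exe or attrib.exe launched against <DRIVERS>\etc\hosts is a useful detection point, and the file's ACL and contents should be checked for unexpected changes during cleanup.)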
- '<SYSTEM32>\spoolsv.exe'