Technical Information
- <SYSTEM32>\conhost.exe
- %WINDIR%\adesktop.dll
- %WINDIR%\md3sg\taskmgr.exe
- %WINDIR%\md3sg\0iifa.dll.bin
- %WINDIR%\md3sg\0iifa.dll
- '%WINDIR%\md3sg\taskmgr.exe'
- '%WINDIR%\md3sg\taskmgr.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c cls' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c cls