Technical Information
- pe_local.exe
- %LOCALAPPDATA%\pe_local.exe
- <Current directory>\slap_injector.exe
- '%LOCALAPPDATA%\pe_local.exe'
- '<Current directory>\slap_injector.exe'
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -EncodedCommand "PAAjAHkAdgBrACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGMAZQBtACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwA...' (with hidden window)
- '%LOCALAPPDATA%\pe_local.exe' ' (with hidden window)
- '<Current directory>\slap_injector.exe' ' (with hidden window)
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -EncodedCommand "PAAjAHkAdgBrACMAPgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGMAZQBtACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwA...