Technical Information
- '<SYSTEM32>\taskkill.exe' /F /IM WmiPrvSE.exe
- %TEMP%\ad9d.tmp\adad.tmp\adae.bat
- %TEMP%\ad9d.tmp\adad.tmp\adae.bat
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\AD9D.tmp\ADAD.tmp\ADAE.bat <Full path to file>"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\AD9D.tmp\ADAD.tmp\ADAE.bat <Full path to file>"
- '<SYSTEM32>\powercfg.exe' /h off