Technical Information
- %WINDIR%\syswow64\notepad.exe
- <Current directory>\uac.reg
- 'localhost':6666
- '8.###.170.242':8001
- ClassName: 'CTXOPConntion_Class' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe' /C regedit /s Uac.reg' (with hidden window)
- '%WINDIR%\syswow64\notepad.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /C regedit /s Uac.reg
- '%WINDIR%\syswow64\regedit.exe' /s Uac.reg
- '%WINDIR%\syswow64\notepad.exe'