Technical Information
- <SYSTEM32>\rundll32.exe
- <SYSTEM32>\windowspowershell\v1.0\powershell.exe
- <SYSTEM32>\conhost.exe
- %TEMP%\ixp000.tmp\install.exe
- %TEMP%\evb83b1.tmp
- %TEMP%\ixp000.tmp\install.exe
- ClassName: '' WindowName: ''
- '%TEMP%\ixp000.tmp\install.exe'
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Remove-Item '%TEMP%\IXP000.TMP\install.exe' -Force
- '<SYSTEM32>\rundll32.exe' cache.dmp,cleanup
- '%TEMP%\ixp000.tmp\install.exe' ' (with hidden window)
- '<SYSTEM32>\rundll32.exe' cache.dmp,cleanup' (with hidden window)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Remove-Item '%TEMP%\IXP000.TMP\install.exe' -Force' (with hidden window)