Technical Information
- '%TEMP%\<File name>\<File name>.exe'
- '<Full path to file>'
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 1000
- '<SYSTEM32>\cmd.exe' /C ping 1.1.1.1 -n 1 -w 1000 > Nul & Del "<Full path to file>"
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe' <Full path to file> 2976 25aef943e08a47269cb800ec066ffa38
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- %TEMP%\<File name>\<File name>.exe
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new
- <Full path to file>
- from %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new to %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
- from %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new to %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch