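Technical Information
Note: the sub-section headings of this listing appear to have been lost, which is why some paths are repeated. The unquoted entries are file-system paths associated with the sample; the quoted entries appear to be command lines of processes that were started. One of them runs a binary named svchost.exe from %TEMP%, whereas the genuine Windows svchost.exe is located in <SYSTEM32>, so a process with that name and a non-system image path is a useful detection signal.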
- <SYSTEM32>\cmd.exe
- %TEMP%\V0.8.exe
- %TEMP%\dw.log
- %TEMP%\1E46F.dmp
- %TEMP%\aut1.tmp
- %TEMP%\svchost.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- '%TEMP%\svchost.exe'
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 1684
- '<SYSTEM32>\cmd.exe' /c %TEMP%\V0.8.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\svchost.exe