Technical Information
- <SYSTEM32>\tasks\updates\cbepzjbepg
- %APPDATA%\cbepzjbepg.exe
- %TEMP%\tmp42b8.tmp
- %APPDATA%\cbepzjbepg.exe
- %TEMP%\tmp42b8.tmp
- 'nm###gbnvbxc.ru':6971
- DNS ASK nm###gbnvbxc.ru
- ClassName: 'Shell_traywnd' WindowName: ''
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Updates\CBePzjbePG" /XML "%TEMP%\tmp42B8.tmp"' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Updates\CBePzjbePG" /XML "%TEMP%\tmp42B8.tmp"