Technical Information
- '<SYSTEM32>\taskkill.exe' /IM SecurityHealthSystray.exe /f
- %TEMP%\f563.tmp\abaddon.bat
- nul
- %HOMEPATH%\Favorites\desktop.ini
- %HOMEPATH%\Favorites\Links\desktop.ini
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\F563.tmp\Abaddon.bat" "<Full path to file>""' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\F563.tmp\Abaddon.bat" "<Full path to file>""
- '<SYSTEM32>\ping.exe' -n 1 -w 1000 0.0.0.1
- '<SYSTEM32>\rundll32.exe' user32 , SwapMouseButton