Technical Information
- '%WINDIR%\syswow64\taskkill.exe' /f /im poverify.exe
- %TEMP%\is-i38oq.tmp\<File name>.tmp
- %TEMP%\is-5mdtq.tmp\_isetup\_regdll.tmp
- %TEMP%\is-5mdtq.tmp\_isetup\_setup64.tmp
- %TEMP%\is-5mdtq.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-5mdtq.tmp\itdownload.dll
- %TEMP%\is-5mdtq.tmp\sptfun.dll
- http://www.zx##007.com/c_fortj/foraction.asp?id################
- DNS ASK zx##007.com
- ClassName: '' WindowName: ''
- '%TEMP%\is-i38oq.tmp\<File name>.tmp' /SL5="$5023E,8355859,74752,<Full path to file>"
- '%WINDIR%\syswow64\cmd.exe' /c taskkill /f /im poverify.exe' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c taskkill /f /im poverify.exe