Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Discord Updater' = '%APPDATA%\Discord\Discord.exe'
- <SYSTEM32>\tasks\discord updater
- %APPDATA%\discord\discord.exe
- 'ip###ger.org':443
- DNS ASK ip###ger.org
- '%APPDATA%\discord\discord.exe'
- '%WINDIR%\syswow64\cmd.exe' /c schtasks.exe /create /tn "Discord Updater" /tr "%APPDATA%\Discord\Discord.exe" /SC MINUTE /mo 2' (with hidden window)
- '%APPDATA%\discord\discord.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c schtasks.exe /create /tn "Discord Updater" /tr "%APPDATA%\Discord\Discord.exe" /SC MINUTE /mo 2
- '%WINDIR%\syswow64\schtasks.exe' /create /tn "Discord Updater" /tr "%APPDATA%\Discord\Discord.exe" /SC MINUTE /mo 2
- '<SYSTEM32>\taskeng.exe' {78464B6A-7467-4082-88D6-2CFC7CE61AE7} S-1-5-21-1960123792-2022915161-3775307078-1001:chcudwvr\user:Interactive:[1]