Technical Information
- wbusernetschedule.exe
- C:\perflogs1\wbusernetschedule.exe
- %WINDIR%\ziplib.dll
- C:\programs\snapcrab.exe
- %WINDIR%\en_util.dll
- C:\programs\bmp1
- C:\perflogs1\bmp
- <Current directory>\poc_exec_cmd.inf
- <Current directory>\poc_exec_cmd.inf
- C:\programs\snapcrab.exe
- '18#.#15.192.53':8000
- 'C:\programs\snapcrab.exe'
- 'C:\perflogs1\wbusernetschedule.exe'
- '%WINDIR%\syswow64\cmd.exe' /c start "" "C:\PerfLogs1\WbUserNetSchedule.exe' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c del C:\Programs\SnapCrab.exe > nul' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c start "" "C:\PerfLogs1\WbUserNetSchedule.exe
- '%WINDIR%\syswow64\cmd.exe' /c del C:\Programs\SnapCrab.exe > nul