Technical Information
- '%WINDIR%\syswow64\taskkill.exe' /F /PID 924
- 'google.com':443
- '7z##e.com':80
- '7z##es.com':80
- 'google.com':443
- DNS ASK google.com
- DNS ASK 7z##.mobi
- DNS ASK di#v.at
- DNS ASK 7z##e.com
- DNS ASK 7z##es.com
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\Remove.bat" 924 <Full path to file>"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\Remove.bat" 924 <Full path to file>"
- '%WINDIR%\syswow64\choice.exe' /C Y /N /D Y /T 3