Technical Information
- %WINDIR%\syswow64\findstr.exe
- from <Full path to file> to %TEMP%\1138713\....\temporaryfile
- '61.##7.96.143':8059
- 'pv.#ohu.com':80
- http://pv.#ohu.com/cityjson
- DNS ASK pv.#ohu.com
- '%WINDIR%\syswow64\findstr.exe' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c del /f <Full path to file> (with hidden window)
- '%WINDIR%\syswow64\findstr.exe'
- '%WINDIR%\syswow64\cmd.exe' /c del /f <Full path to file>