Technical Information
- <SYSTEM32>\wlrmdr.exe
- %TEMP%\d596.tmp\d5b6.vbs
- '<SYSTEM32>\cscript.exe' %TEMP%\D596.tmp\D5B6.vbs
- '<SYSTEM32>\cmd.exe' /c shutdown -r -t 180 -c "˵ÎÒÊÇÖГ£¬²»ËµÎÒÊÇÖГ¾ÍÒ»·ÖÖÓ¹Г»ú£¬²»ÐÅ£¬ÊÔÏ¡¤¡¤¡¤"' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c shutdown -r -t 180 -c "˵ÎÒÊÇÖГ£¬²»ËµÎÒÊÇÖГ¾ÍÒ»·ÖÖÓ¹Г»ú£¬²»ÐÅ£¬ÊÔÏ¡¤¡¤¡¤"
- '<SYSTEM32>\shutdown.exe' -r -t 180 -c "˵ÎÒÊÇÖГ£¬²»ËµÎÒÊÇÖГ¾ÍÒ»·ÖÖÓ¹Г»ú£¬²»ÐÅ£¬ÊÔÏ¡¤¡¤¡¤"