Technical Information
- %WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe
- %APPDATA%\findstr\bdesysprep.exe
- %HOMEPATH%\.lnk
- 're#####19.duckdns.org':4230
- DNS ASK re#####19.duckdns.org
- '%WINDIR%\syswow64\schtasks.exe' /create /tn /tr "%APPDATA%\findstr\BdeSysprep.exe" /sc minute /mo 1 /F' (with hidden window)
- '%WINDIR%\microsoft.net\framework\v2.0.50727\regasm.exe'
- '%WINDIR%\syswow64\schtasks.exe' /create /tn /tr "%APPDATA%\findstr\BdeSysprep.exe" /sc minute /mo 1 /F