Technical Information
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020030620200307\index.dat
- %APPDATA%\microsoft\windows\iecompatcache\index.dat
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020030620200307\index.dat
- %LOCALAPPDATA%\Microsoft\Windows\History\History.IE5\desktop.ini
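- '16#.#4.139.24':21 (port 21 is the FTP control port, consistent with the ftp:// URL passed to explorer.exe below; the address is partially masked in this report)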
- '%WINDIR%\syswow64\rundll32.exe' InetCpl.cpl,ClearMyTracksByProcess 1 (with hidden window; flag 1 clears Internet Explorer browsing history)
- '%WINDIR%\syswow64\rundll32.exe' InetCpl.cpl,ClearMyTracksByProcess 32 (with hidden window; flag 32 clears saved passwords)
- '%WINDIR%\syswow64\cmd.exe' /c del <File name>.exe (with hidden window)
- '%WINDIR%\syswow64\explorer.exe' ftp://:@###.24.139.24
- '%WINDIR%\syswow64\rundll32.exe' InetCpl.cpl,ClearMyTracksByProcess 1
- '%WINDIR%\syswow64\rundll32.exe' InetCpl.cpl,ClearMyTracksByProcess 32
- '%ProgramFiles(x86)%\internet explorer\iexplore.exe' -ResetDestinationList
- '%WINDIR%\syswow64\cmd.exe' /c del <File name>.exe