Technical Information
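- <SYSTEM32>\tasks\ummnsq9caeqnr0c8vb (task file for the scheduled task "UMMNSQ9CAEQNR0C8VB", which the schtasks.exe command below creates to run every 15 minutes)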
- '%WINDIR%\syswow64\taskkill.exe' /im <File name>.exe /f
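- %PROGRAMDATA%\{r6944t68-6aod-uugd-0jwb4ql4vk9p}\iexplore.exe (uses the Internet Explorer file name but sits under %PROGRAMDATA%, not the browser's install directory; it is the binary the scheduled task launches)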
- http://gr####wi.beget.tech/gate/connection.php
- http://gr####wi.beget.tech/gate/config.php
- http://gr####wi.beget.tech/gate/update.php
- DNS ASK gr####wi.beget.tech
- ClassName: '' WindowName: ''
- '%PROGRAMDATA%\{r6944t68-6aod-uugd-0jwb4ql4vk9p}\iexplore.exe'
- '%PROGRAMDATA%\{r6944t68-6aod-uugd-0jwb4ql4vk9p}\iexplore.exe' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Create /SC MINUTE /MO 15 /TN "UMMNSQ9CAEQNR0C8VB" /TR "%PROGRAMDATA%\{R6944T68-6AOD-UUGD-0JWB4QL4VK9P}\iexplore.exe" /F (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c taskkill /im <File name>.exe /f & erase /c taskkill /im <File name> & exit (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Create /SC MINUTE /MO 15 /TN "UMMNSQ9CAEQNR0C8VB" /TR "%PROGRAMDATA%\{R6944T68-6AOD-UUGD-0JWB4QL4VK9P}\iexplore.exe" /F
- '%WINDIR%\syswow64\cmd.exe' /c taskkill /im <File name>.exe /f & erase /c taskkill /im <File name> & exit