Technical Information
- <SYSTEM32>\tasks\updates\hstldloqij
- %APPDATA%\hstldloqij.exe
- %TEMP%\tmpbcfd.tmp
- %APPDATA%\hstldloqij.exe
- %TEMP%\tmpbcfd.tmp
- 'ma#######asteats.duckdns.org':6606
- DNS ASK ma#######asteats.duckdns.org
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Updates\hstlDloQIj" /XML "%TEMP%\tmpBCFD.tmp"' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /Create /TN "Updates\hstlDloQIj" /XML "%TEMP%\tmpBCFD.tmp"