Technical Information
- <SYSTEM32>\tasks\udp subsystem
- %WINDIR%\syswow64\schtasks.exe
- %TEMP%\ff3ef9353cc449a49582f3784a729fd8\3071b60b6fa842e78b4c67a9a98af028556e161a59bee07ba3923d2439ec8c09\30aba2f4c78850d2711db7109b40f2a194dc7385cf51300862b3d1782f490b85.inprogress
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\run.dat
- %TEMP%\tmpea86.tmp
- %APPDATA%\36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee\task.dat
- %TEMP%\tmpea86.tmp
- from %TEMP%\ff3ef9353cc449a49582f3784a729fd8\3071b60b6fa842e78b4c67a9a98af028556e161a59bee07ba3923d2439ec8c09\30aba2f4c78850d2711db7109b40f2a194dc7385cf51300862b3d1782f490b85.inprogress to %TEMP%\ff3ef9353cc449a49582f3784a729fd8\3071b60b6fa842e78b4c67a9a98af028556e161a59bee07ba3923d2439ec8c09\30aba2f4c78850d2711db7109b40f2a194dc7385cf51300862b3d1782f490b85
- '<LOCALNET>.0.108':54984
- 'localhost':54984
- '%WINDIR%\syswow64\schtasks.exe' /create /f /tn "UDP Subsystem" /xml "%TEMP%\tmpEA86.tmp"