Technical Information
- %WINDIR%\syswow64\svchost.exe
- %ALLUSERSPROFILE%\_ds08384904.tmp
- %TEMP%\photocache\mmcxovnja.dll
- <Current directory>\file.bat
- %ALLUSERSPROFILE%\_ds08384904.tmp
- '18#.#11.204.186':80
- ClassName: '' WindowName: 'DNCTRACE'
- '%WINDIR%\syswow64\cmd.exe' /c ""<Current directory>\file.bat" "' (with hidden window)
- '%WINDIR%\syswow64\svchost.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""<Current directory>\file.bat" "