Technical Information
- %TEMP%\253c.tmp\hosts patch.bat
- %TEMP%\253c.tmp\throttle.exe
- %TEMP%\253c.tmp\throttle.reg
- %TEMP%\is-flgiv.tmp\throttle.tmp
- %TEMP%\is-7j37u.tmp\_isetup\_setup64.tmp
- %TEMP%\is-7j37u.tmp\_isetup\_isdecmp.dll
- %TEMP%\is-7j37u.tmp\idp.dll
- 'x.##2.us':80
- 'microsoft.com':80
- 'o.##2.us':80
- 'oc##.###tg2.amazontrust.com':80
- 'oc##.####ca1.amazontrust.com':80
- 'cr#.####ca1.amazontrust.com':80
- 'oc##.###1b.amazontrust.com':80
- 'cr#.####b.amazontrust.com':80
- 'dp#.###urestudies.com':443
- DNS ASK dp#.###urestudies.com
- DNS ASK x.##2.us
- DNS ASK microsoft.com
- DNS ASK o.##2.us
- DNS ASK oc##.###tg2.amazontrust.com
- DNS ASK oc##.####ca1.amazontrust.com
- DNS ASK cr#.####ca1.amazontrust.com
- DNS ASK oc##.###1b.amazontrust.com
- DNS ASK cr#.####b.amazontrust.com
- '%TEMP%\253c.tmp\throttle.exe'
- '%TEMP%\is-flgiv.tmp\throttle.tmp' /SL5="$F0210,5686803,780800,%TEMP%\253C.tmp\throttle.exe"
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\253C.tmp\hosts patch.bat" "<Full path to file>""' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\253C.tmp\hosts patch.bat" "<Full path to file>""