Technical Information
- <Current directory>\update.tmp
- <Current directory>\update.bat
- nul
- <Current directory>\update.bat
- from <Current directory>\update.tmp to <Current directory>\└╢φВ±░δ╫╘╢В»6.4.exe
- '16#.#4.66.218':8000
- '16#.#4.66.218':80
- http://16#.#4.66.218/app/static/2022-06-01/df136bcc-21bd-49fb-9e79-043b66f672b3.exe
- http://16#.##.66.218:8000/robot.client.init via 16#.#4.66.218
- http://16#.##.66.218:8000/robot.client.selectSoftware via 16#.#4.66.218
- http://16#.##.66.218:8000/robot.client.getSoftwareFileInfo via 16#.#4.66.218
- http://16#.##.66.218:8000/robot.client.codeLogin via 16#.#4.66.218
- http://16#.##.66.218:8000/robot.client.getLoginCode via 16#.#4.66.218
- '<Current directory>\└╢φВ±░δ╫╘╢В»6.4.exe'
- '%WINDIR%\syswow64\cmd.exe' /c <Current directory>\update.bat' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c <Current directory>\update.bat
- '%WINDIR%\syswow64\ping.exe' localhost
- '%WINDIR%\syswow64\choice.exe' /t 0.00001 /d y /n
- '%WINDIR%\syswow64\cacls.exe' └╢ΦВ±░δ╫╘╢В»6.4.exe /e /p everyone:f