Technical Information
- <SYSTEM32>\tasks\chromeupdate
- 'cd#.##scordapp.com':443
- 'microsoft.com':80
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- 'cd#.##scordapp.com':443
- DNS ASK cd#.##scordapp.com
- DNS ASK microsoft.com
- '<SYSTEM32>\cmd.exe' /c powershell -Command Add-MpPreference -ExclusionPath C:\
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -Command Add-MpPreference -ExclusionPath C:\
- '<SYSTEM32>\cmd.exe' /c powershell -Command Add-MpPreference -ExclusionPath \\localhost\C$\
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -Command Add-MpPreference -ExclusionPath \\localhost\C$\
- '<SYSTEM32>\cmd.exe' /c schtasks /create /tn ChromeUpdate /tr <SYSTEM32>\chromeservice.exe /sc ONLOGON /ru System
- '<SYSTEM32>\schtasks.exe' /create /tn ChromeUpdate /tr <SYSTEM32>\chromeservice.exe /sc ONLOGON /ru System
- '<SYSTEM32>\cmd.exe' /c C:/Windows/System32/chromeservice.exe