Technical Information
- <SYSTEM32>\dllhost.exe
- %TEMP%\ixp000.tmp\setup.exe
- %TEMP%\evbd172.tmp
- %TEMP%\ixp000.tmp\setup.exe
- ClassName: '' WindowName: ''
- '%TEMP%\ixp000.tmp\setup.exe'
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Remove-Item '%TEMP%\IXP000.TMP\setup.exe' -Force
- '%TEMP%\ixp000.tmp\setup.exe' ' (with hidden window)
- '<SYSTEM32>\rundll32.exe' 1.tmp,setup' (with hidden window)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' Remove-Item '%TEMP%\IXP000.TMP\setup.exe' -Force' (with hidden window)
- '<SYSTEM32>\rundll32.exe' 1.tmp,setup
- '<SYSTEM32>\dllhost.exe'