Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\ServTestDos] 'Start' = '00000002'
- '<Current directory>\35e.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\190609.bat" "
- '<SYSTEM32>\svchost.exe' -k ServTestDos
- %TEMP%\190609.bat
- %WINDIR%\ServTestDos.dll
- <Current directory>\35e.exe
- <Current directory>\35e.exe
- '19#.#3.110.114':9090
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'