search

PDQ Deploy

hashtag
Deployment Server:

hashtag
Default Install Locations:

  • C:\Program Files (x86)\Admin Arsenal\PDQ Deploy

  • C:\ProgramData\Admin Arsenal\PDQ Deploy

hashtag
Service Install Name:

  • PDQ Deploy

hashtag
PDQDeployInstall.log:

  • C:\Users<user>\AppData\Local\Temp\PDQDeployInstall.log

hashtag
server_summary.txt:

  • C:\ProgramData\Admin Arsenal\PDQ Deploy\server_summary.txt

hashtag
Destination Hosts (Ransomed):

hashtag
Service Name:

  • PDQDeploymentRunner-1

hashtag
Default Install Location:

  • C:\Windows\AdminArsenal\PDQDeployRunner\service-1\PDQDeployRunner-1.exe

  • C:\Windows\AdminArsenal

hashtag
Debug.txt:

  • C:\Windows\AdminArsenal\PDQDeployRunner\service-1\debug.txt

    • debug.txt shows which process or file was executed on the host via PDQ Deploy.

hashtag
command.cmd

  • C:\Windows\AdminArsenal\PDQDeployRunner\service-1\exec\command.cmd

    • command.cmd contains the commands to be executed on the host(s), which in our case, is the ransomware. arrow-up-right

Help for PDQ Deploydocumentation.pdq.comchevron-right
Previous7-ZipNextTotalCMD

Last updated