Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\KEeWWELTVSZM.lnk
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe'
- '%APPDATA%\JVZd.exe' "%APPDATA%\DAHBW"
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
- %APPDATA%\JVZd.exe
- <Current directory>\DAHBW
- %APPDATA%\Monitor\Screenshots\01-27-2017\3.18 PM
- %APPDATA%\DAHBW
- <Current directory>\JVZd1
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- <Current directory>\JVZd.exe
- %HOMEPATH%\25Hz5kosQGl4hMhM\JVZd.exe
- %HOMEPATH%\25Hz5kosQGl4hMhM\DAHBW
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- from %APPDATA%\JVZd.exe to %HOMEPATH%\25Hz5kosQGl4hMhM\JVZd.exe
- from %APPDATA%\DAHBW to %HOMEPATH%\25Hz5kosQGl4hMhM\DAHBW
- 'vk####2.linkpc.net':19920
- DNS ASK vk####2.linkpc.net