Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\GJhMCWGACMFL.lnk
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe'
- '%APPDATA%\Jbgf.exe' "%APPDATA%\PeVSV"
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
- <Current directory>\PeVSV
- %APPDATA%\Jbgf.exe
- %APPDATA%\PeVSV
- %TEMP%\aut1.tmp
- <Current directory>\Jbgf.exe
- %TEMP%\aut2.tmp
- %HOMEPATH%\Gt3hbMr3vB88XncJ\PeVSV
- %HOMEPATH%\Gt3hbMr3vB88XncJ\Jbgf.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- from %APPDATA%\Jbgf.exe to %HOMEPATH%\Gt3hbMr3vB88XncJ\Jbgf.exe
- from %APPDATA%\PeVSV to %HOMEPATH%\Gt3hbMr3vB88XncJ\PeVSV
- '46.#0.33.71':19555