Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DbgPrintLogws' = '"<SYSTEM32>\WScript.exe" "%APPDATA%\DbgPrintLog local files\start.vbs" //B "%1" %*'
- %HOMEPATH%\Start Menu\Programs\Startup\DbgPrintLogws.vbs
- '%APPDATA%\DbgPrintLog local files\data.exe' local files\data.exe
- %APPDATA%\DbgPrintLog local files\data.exe
- %APPDATA%\DbgPrintLog local files\readme.xml3.txt
- %APPDATA%\DbgPrintLog local files\readme.pdf2.txt
- <Current directory>\license.xml4.txt
- %APPDATA%\DbgPrintLog local files\readme.xml2.txt
- <Current directory>\readme.xml3.txt
- <Current directory>\readme.xml2.txt
- %APPDATA%\DbgPrintLog local files\start.vbs
- %APPDATA%\DbgPrintLog local files\DbgPrintLog.exe
- 'xm#.##nercircle.com':80
- 'www.mi###circle.com':443
- DNS ASK xm#.##nercircle.com
- DNS ASK www.mi###circle.com