Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'xbgCPGlG\' = '%APPDATA%\xbgCPGlG\cPFUtVmG.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- %APPDATA%\xbgCPGlG\cPFUtVmG.exe
- '18#.#5.210.203':127