Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\Wsjsxd dxwjjjuj System helper] 'ImagePath' = '%ProgramFiles%\Microsoft Gaihcp\Qndzgfe.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Wsjsxd dxwjjjuj System helper] 'Start' = '00000002'
- C:\7010.vbs
- %ProgramFiles%\Microsoft Gaihcp\Qndzgfe.exe
- C:\7010.vbs
- <Full path to file>
- 'q7#.bid':2018
- DNS ASK q7#.bid
- '<SYSTEM32>\wscript.exe' "C:\7010.vbs"
- '%ProgramFiles%\Microsoft Gaihcp\Qndzgfe.exe'