Technical Information
Startup-folder entry (items in this folder run at user logon):
- %HOMEPATH%\Start Menu\Programs\Startup\Program.vbs
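Files under %TEMP% and %APPDATA% (RarSFX0 and RarSFX1 are the temporary directories used by WinRAR self-extracting archives):
- %TEMP%\RarSFX1\WebDriver.dll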
- %TEMP%\RarSFX1\DefenderService.pdb
- %TEMP%\RarSFX1\DefenderService.exe.config
- %TEMP%\RarSFX1\WebDriver.xml
- %TEMP%\RarSFX1\WebDriver.Support.xml
- %TEMP%\RarSFX1\WebDriver.Support.dll
- %TEMP%\RarSFX0\WindowsUpdate.exe
- %TEMP%\RarSFX0\Program.vbs
- %TEMP%\RarSFX0\service.vbs
- %TEMP%\RarSFX1\DefenderService.exe
- %TEMP%\RarSFX1\chromedriver.exe
- %APPDATA%\Program.vbs
Network endpoint:
- 'localhost':1035
Window class / window name pairs:
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: '' WindowName: ''
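Process command lines (WindowsUpdate.exe and DefenderService.exe run from %TEMP%, not from a system directory):
- '%TEMP%\RarSFX0\WindowsUpdate.exe'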
- '%TEMP%\RarSFX1\DefenderService.exe'
- '<SYSTEM32>\wscript.exe' "%TEMP%\RarSFX0\service.vbs"
- '<SYSTEM32>\wscript.exe' "%TEMP%\RarSFX0\Program.vbs"
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -Embedding