Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{77D30FCF-771E-4EF4-9DCD-69056CA0B517}] 'StubPath' = 'rundll32 dfmcd21.dll,laspi'
- <SYSTEM32>\jsc
- <SYSTEM32>\dfmcd21.dll
- <SYSTEM32>\klgd.bmp
- <Full path to file>
- '<SYSTEM32>\cmd.exe' /c del <Full path to file> >> NUL
- '<SYSTEM32>\rundll32.exe' dfmcd21,PL