Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Bvigie Duslaoyw Sko] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Bvigie Duslaoyw Sko] 'ImagePath' = '<SYSTEM32>\svchost.exe -k imgsvc'
- C:\net-temp.ini
- %ProgramFiles%\rjvu\hiyudnisu.jpg
- C:\net-temp.ini
- C:\net-temp.ini
- DNS ASK sf##.3322.org