Technical Information
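- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Defender' = '%TEMP%\FBpKB.exe'
  (Per-user Run key: the value is launched at each logon of that user. The value name 'Windows Defender' does not match its target, which is an executable under %TEMP%.)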
- svchost.exe
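- <LS_APPDATA>\google\chrome\user data\default\web data
  (Chrome's 'Web Data' database in the default profile, which holds autofill and other saved form data. The list does not say whether the file is read or modified.)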
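- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- ClassName: 'gdkWindowToplevel', WindowName: ''
  (Window class names: 'PROCMON_WINDOW_CLASS' belongs to Sysinternals Process Monitor and 'gdkWindowToplevel' is the top-level window class of GTK applications. A lookup of these classes is presumably a check for running analysis tools; the list itself does not state the purpose.)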
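- %TEMP%\svchost.exe
- %TEMP%\fbpkb.exe
  (The system svchost.exe resides in the Windows system directory, so a svchost.exe under %TEMP% is a different file reusing that name. The bare 'svchost.exe' entry earlier in the list has no path, so the page does not show whether it means the system process or this copy. fbpkb.exe is the same path as the Run value target above, since Windows paths are case-insensitive.)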
- %APPDATA%\chrtmp
- '%TEMP%\svchost.exe'