Technical Information
- <SYSTEM32>\tasks\visual extensions
- <SYSTEM32>\svchost.exe
- %APPDATA%\swapper\behwqmzm.exe
- %WINDIR%\temp\~df5568ec8180de7c9b.tmp
- %WINDIR%\temp\~df5568ec8180de7c9b.tmp
- '%APPDATA%\swapper\behwqmzm.exe'
- '<SYSTEM32>\svchost.exe' ' (with hidden window)
- '%APPDATA%\swapper\behwqmzm.exe' ' (with hidden window)
- '<SYSTEM32>\svchost.exe'