Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\wordpad.exe
- User Account Control (UAC)
- svchost.exe
- %APPDATA%\svchost.exe
- %TEMP%\melt.bat
- %APPDATA%\ky.config
- %APPDATA%\dwm.exe
- %APPDATA%\svchost.exe
- %APPDATA%\microsoft\windows\start menu\programs\startup\wordpad.exe
- %APPDATA%\dwm.exe
- %TEMP%\melt.bat
- DNS ASK se##gep.com
- '%APPDATA%\svchost.exe'
- '%APPDATA%\svchost.exe' g753g1 fI5FFp69e 2992
- '%APPDATA%\svchost.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\Melt.bat' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\Melt.bat