Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Brugerlsni' = '%HOMEPATH%\MALMARSHWR\Mesatiskel1.vbs'
- mesatiskel1.exe
- %HOMEPATH%\malmarshwr\mesatiskel1.exe
- %HOMEPATH%\malmarshwr\mesatiskel1.vbs
- http://vd####9wogzzu.info/us8.bin
- '%HOMEPATH%\malmarshwr\mesatiskel1.exe'