Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Stuvwx Abcdefgh Jkl] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Stuvwx Abcdefgh Jkl] 'ImagePath' = '<SYSTEM32>\swgswq.exe'
- %WINDIR%\syswow64\swgswq.exe
- 'localhost':6380
- '%WINDIR%\syswow64\swgswq.exe'