Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Testing' = '%PROGRAMDATA%\Svg64.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Injected' = '%APPDATA%\Microsoft\<File name>.exe'
- %PROGRAMDATA%\svg64.exe
- %APPDATA%\microsoft\<File name>.exe
- %PROGRAMDATA%\svg64.exe