Technical Information
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] 'API Infrastructure v9.92' = '%TEMP%\\API Infrastructure v9.92\APIInfrastructure.exe'
- %TEMP%\api infrastructure v9.92\apiinfrastructure.exe
- %TEMP%\api infrastructure v9.92\apiinfrastructure.exe
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\tmp161B.tmp.cmd""
- '%WINDIR%\syswow64\timeout.exe' 4