Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\yhphm8sjddks0rbtvkjgc4xefi3chxyz.lnk
- %LOCALAPPDATA%\wiatrace.log
- %LOCALAPPDATA%\juxyzmuuflbwlmjk051um4srm3ycikx\kpnadlhmrmiiqa0qp8c4zb.wsf
- %APPDATA%\ngbpvnnwklmd.zip
- %APPDATA%\5khjmj~1\tvjousrblxapganciyn.db
- %APPDATA%\5khjmj~1\ucdmapaui.db
- %APPDATA%\5khjmj~1\tvjousrblxapganciyn.exe
- %LOCALAPPDATA%\juxyzmuuflbwlmjk051um4srm3ycikx\kpnadlhmrmiiqa0qp8c4zb.wsf
- %APPDATA%\ngbpvnnwklmd.zip
- http://19#.#92.22.92/Ktfvzvolnpzu/Ucyntmovqkghkuit/Lnlpndabx/Cawwlwwuohvuwrk/Ngbpvnnwklmd.db
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\JUxYzMuuFlBWlMJK051UM4sRm3YcIKX\KPNAdlhMrmIIqa0qP8C4zB.wsf"