Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Update' = '%TEMP%\<File name>.exe'
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Java' = '%APPDATA%\Microsoft\svchost.exe'
- vbc.exe
- %TEMP%\<File name>.exe
- %TEMP%\vbc.exe
- %APPDATA%\microsoft\svchost.exe
- %APPDATA%\microsoft\svchost.exe
- '%TEMP%\vbc.exe'
- '%APPDATA%\microsoft\svchost.exe'
- '%APPDATA%\microsoft\svchost.exe' ' (with hidden window)