Technical Information
- <SYSTEM32>\tasks\bsell
- %TEMP%\vbtr.dll
- %TEMP%\msw.q
- %TEMP%\vbtr.dll
- %APPDATA%\mlogic\comlogs.dll
- %TEMP%\msw.q
- '<SYSTEM32>\rundll32.exe' "%APPDATA%\Mlogic\comlogs.dll", jrgbeg' (with hidden window)
- '%CommonProgramFiles%\microsoft shared\equation\eqnedt32.exe' -Embedding
- '<SYSTEM32>\taskeng.exe' {D786041B-3FB7-42A0-9BFA-A13AAC11B69E} S-1-5-21-1960123792-2022915161-3775307078-1001:dxcsiymdrxc\user:Interactive:[1]
- '<SYSTEM32>\rundll32.exe' "%APPDATA%\Mlogic\comlogs.dll", jrgbeg