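Technical Information
The entries below are file-system artifacts and process command lines recorded for this sample. The subsection labels of the original report (which entries were created, modified, deleted or executed) are not present on this page, so the repeated `sg-93ec20e9.exe` path presumably belonged to two different subsections. The quoted entries at the end of the list carry arguments and appear to be process launches rather than plain file paths. The hex-style directory and file names (`73e559`, `5f1734`, `ba07d5.exe`, `5e3789.lnk`, `sg-93ec20e9.exe`) look generated and may differ between infections; the Startup-folder shortcut location and the set of `.fne`/`.fnr` file names are likely the more stable indicators to check for.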
- %APPDATA%\microsoft\windows\start menu\programs\startup\5e3789.lnk
- %TEMP%\e_n4\krnln.fnr
- %TEMP%\e_n4\htmlview.fne
- %TEMP%\e_n4\internet.fne
- %TEMP%\e_n4\eapi.fne
- %TEMP%\e_n4\dp1.fne
- %ProgramFiles(x86)%\73e559\ba07d5.exe
- %ProgramFiles(x86)%\5f1734\dp1.fne
- %ProgramFiles(x86)%\5f1734\eapi.fne
- %ProgramFiles(x86)%\5f1734\htmlview.fne
- %ProgramFiles(x86)%\5f1734\internet.fne
- %ProgramFiles(x86)%\5f1734\krnln.fnr
- %TEMP%\sg-93ec20e9.exe
- %TEMP%\sg-93ec20e9.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\index.dat
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012015112320151124\index.dat
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012016081820160819\index.dat
- '%ProgramFiles(x86)%\73e559\ba07d5.exe'
- '%TEMP%\sg-93ec20e9.exe' reinnet
- '%WINDIR%\syswow64\explorer.exe' <Current directory>\