Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SelfRunDemo' = '"C:\Users\Public\Downloads\14E0FB54C8CC\ApplicSchdpl.exe"'
- %WINDIR%\temp\fwtsqmfile01.sqm
- C:\users\public\downloads\a2a.exe
- C:\users\public\downloads\b3b.tmp
- C:\users\public\downloads\s3s.lnk
- C:\users\public\downloads\14e0fb54c8cc\applicschdpl.exe
- C:\users\public\downloads\14e0fb54c8cc\gapi32.dll
- C:\users\public\downloads\14e0fb54c8cc\template.txt
- DNS ASK dn#.google
- ClassName: 'MS Schedule+ 32 Main' WindowName: ''
- 'C:\users\public\downloads\a2a.exe' -o -d C:\Users\Public\Downloads\14E0FB54C8CC C:\Users\Public\Downloads\b3b.tmp
- 'C:\users\public\downloads\14e0fb54c8cc\applicschdpl.exe'
- 'C:\users\public\downloads\a2a.exe' -o -d C:\Users\Public\Downloads\14E0FB54C8CC C:\Users\Public\Downloads\b3b.tmp' (with hidden window)