Technical Information
- %WINDIR%\syswow64\werfault.exe
- %TEMP%\autbe9d.tmp
- %TEMP%\res.ico
- %APPDATA%\<File name>.exe
- %TEMP%\aut19f6.tmp
- %ALLUSERSPROFILE%\jhgvy76765guhb0\bzsbkotiu.exe
- %TEMP%\autbe9d.tmp
- %TEMP%\aut19f6.tmp
- from %APPDATA%\<File name>.exe to %ALLUSERSPROFILE%\jhgvy76765guhb0\bzsbkotiu.exe
- '%APPDATA%\<File name>.exe'
- '%WINDIR%\syswow64\schtasks.exe' /CREATE /SC ONLOGON /TN "Windows Update Check - 0x090301DC" /TR "%ALLUSERSPROFILE%\jhgvy76765guhb0\bzsbkotiu.exe" /RL HIGHEST' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /CREATE /SC ONLOGON /TN "Windows Update Check - 0x090301DC" /TR "%ALLUSERSPROFILE%\jhgvy76765guhb0\bzsbkotiu.exe" /RL HIGHEST