Technical Information
- %WINDIR%\microsoft.net\framework\v4.0.30319\regsvcs.exe
- %TEMP%\9_25\vhol.suq
- %TEMP%\9_25\hgbrkcw.dat
- %TEMP%\9_25\vcbqnbinj.ini
- %TEMP%\9_25\pddnllsph.msc
- %TEMP%\9_25\fpmco.bin
- %TEMP%\9_25\skmn.xml
- %TEMP%\9_25\ibhcprr.dat
- %TEMP%\9_25\cgvodra.jpg
- %TEMP%\9_25\fddhdbuv.xl
- %TEMP%\9_25\gplf.xml
- %TEMP%\9_25\cqql.jpg
- %TEMP%\9_25\hqjghc.mp3
- %TEMP%\9_25\agkekuum.xls
- %TEMP%\9_25\rshuw.icm
- %TEMP%\9_25\sbcpwk.ppt
- %TEMP%\9_25\midfnuq.jpg
- %TEMP%\9_25\qedsrbcbw.exe
- %TEMP%\9_25\rfeqp.icm
- %TEMP%\9_25\gidw.icm
- %TEMP%\9_25\oxtnawa.xml
- %TEMP%\9_25\tuwrk.ppt
- %TEMP%\9_25\hindknoud.xls
- %TEMP%\9_25\cbacixr.exe
- %TEMP%\9_25\wjhb.vbe
- %TEMP%\9_25\knurag.exe
- %TEMP%\9_25\rertx.bin
- %TEMP%\9_25\ncsdb.icm
- %HOMEPATH%\temp\rertx.bin
- %TEMP%\9_25\cbacixr.exe
- ClassName: 'EDIT' WindowName: ''
- '%WINDIR%\syswow64\wscript.exe' "%TEMP%\9_25\wjhb.vbe"
- '%TEMP%\9_25\cbacixr.exe' knurag.exe
- '%WINDIR%\microsoft.net\framework\v4.0.30319\regsvcs.exe'