Technical Information
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] 'Services' = '%APPDATA%\34DECAEFB62B2681209724\34DECAEFB62B2681209724.exe'
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\msiexec.exe
- <SYSTEM32>\audiodg.exe
- %APPDATA%\34decaefb62b2681209724\34decaefb62b2681209724.exe
- %APPDATA%\34decaefb62b2681209724\34decaefb62b2681209724.exe
- '<SYSTEM32>\msiexec.exe'
- '<SYSTEM32>\svchost.exe'
- '<SYSTEM32>\audiodg.exe'