Technical Information
- '%APPDATA%\Explorerie.exe'
- '<SYSTEM32>\cmd.exe' /K "%APPDATA%\Explorerie.exe"
- '<SYSTEM32>\reg.exe' reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /f /v "22e4b09b-51b8-4992-ba44-66cc2e56551c" /t REG_SZ /d "%APPDATA%\Explorerie.exe" & exit
- <SYSTEM32>\svchost.exe
- %APPDATA%\Monitor\Screenshots\01-19-2017\3.04 PM
- %APPDATA%\Explorerie.exe
- %APPDATA%\Explorerie.exe
- '15#.#2.43.254':32280
- '19#.#23.38.254':32280