Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\FHewMUeyPO.eu.url
- <SYSTEM32>\svchost.exe
- %APPDATA%\FHewMUeyPO\FHewMUeyPO.exe
- %TEMP%\aut1.tmp
- %TEMP%\7qjqC.J
- %APPDATA%\Monitor\Screenshots\06-12-2018\12.01 PM
- %TEMP%\aut1.tmp
- '18#.#4.181.66':9467
- 'localhost':9467
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe'