Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Persis.exe' = '%TEMP%\SS_Check\Persis.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Updtz.exe' = '%APPDATA%\SS_Check\Updtz.exe'
- %TEMP%\SS_Check\Persis.exe
- %APPDATA%\SS_Check\Updtz.exe
- %TEMP%\SS_Check\Persis.exe
- %APPDATA%\SS_Check\Updtz.exe
- ClassName: 'Indicator' WindowName: ''