Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Systemjqwke.exe'
- %TEMP%\path.ini
- %TEMP%\2.dat
- %TEMP%\3.dat
- %TEMP%\4.dat
- %TEMP%\systamjqwke.exe
- %TEMP%\systemjqwke.exe
- DNS ASK i2.##etuku.com
- '%TEMP%\systemjqwke.exe'