Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\ajnwm30s6seu.lnk
- %LOCALAPPDATA%\wiatrace.log
- %LOCALAPPDATA%\zzieoshqtqhgx1zla8tyvwaf2cz6jbor\nmwmeoeybc1qjtk9si5xdr.wsf
- %APPDATA%\fhdzsfsfwoeyvwfbz.zip
- %APPDATA%\raerk2~1\mxxuqujdkjgnp.db
- %APPDATA%\raerk2~1\pawuqsexqyhadnshwg.db
- %APPDATA%\raerk2~1\mxxuqujdkjgnp.exe
- %LOCALAPPDATA%\zzieoshqtqhgx1zla8tyvwaf2cz6jbor\nmwmeoeybc1qjtk9si5xdr.wsf
- %APPDATA%\fhdzsfsfwoeyvwfbz.zip
- http://16#.#13.255.234/Xjyzmzmfm/Ctejxnemv/Fwqmfvmtcyquqklqh/Kimldbhgbia/Fhdzsfsfwoeyvwfbz.db
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\zZIeOShQTqhgX1ZLa8TYVWAf2CZ6JBoR\NMwMEoeyBC1qjTK9si5xDr.wsf"