Technical Information
- %LOCALAPPDATA%\setuperr.log
- %LOCALAPPDATA%\r51xcifuxepm\vi5zvu7pxvmn0wxw.wsf
- %APPDATA%\yewemfkifmgqri.zip
- %APPDATA%\tl5fbg~1\odudinmqdlhswjzcryet.db
- %APPDATA%\tl5fbg~1\rcolhlbwytegoyltsblog.db
- %APPDATA%\tl5fbg~1\rcolhlbwytegoyltsblog.exe
- %LOCALAPPDATA%\r51xcifuxepm\vi5zvu7pxvmn0wxw.wsf
- %APPDATA%\yewemfkifmgqri.zip
- http://63.##0.37.92/Homvcckngxncookf/Osctmnxcggnoyj/Mrvqgarwl/Yiipibtctgrp/Yewemfkifmgqri.db
- '<SYSTEM32>\wscript.exe' "%LOCALAPPDATA%\R51XCiFUxEPm\VI5zVU7Pxvmn0wxW.wsf"
- '<SYSTEM32>\logonui.exe' /flags:0x1