Technical Information
- %TEMP%\15211960123792202291
- %TEMP%\2035af541c\gbilop.exe
- '14#.#36.0.130':80
- '%TEMP%\2035af541c\gbilop.exe'
- '%TEMP%\2035af541c\gbilop.exe' ' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d %TEMP%\2035af541c\' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d %TEMP%\2035af541c\
- '%WINDIR%\syswow64\reg.exe' ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d %TEMP%\2035af541c\