Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Scheduler Diagnostic Propagation Audio] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Scheduler Diagnostic Propagation Audio] 'ImagePath' = 'C:\uxsfeoyw\jezurlnskhbn.exe'
- 'Scheduler Diagnostic Propagation Audio' C:\uxsfeoyw\jezurlnskhbn.exe
- %WINDIR%\uxsfeoyw\mpavz7hbtg
- C:\uxsfeoyw\mpavz7hbtg
- C:\uxsfeoyw\estjssvx5gigyxv9.exe
- C:\uxsfeoyw\jezurlnskhbn.exe
- C:\uxsfeoyw\rjphsppspo.exe
- C:\uxsfeoyw\ssw3qobd
- C:\uxsfeoyw\jezurlnskhbn.exe
- C:\uxsfeoyw\rjphsppspo.exe
- %WINDIR%\uxsfeoyw\mpavz7hbtg
- C:\uxsfeoyw\estjssvx5gigyxv9.exe
- %WINDIR%\uxsfeoyw\mpavz7hbtg
- '19#.74.51.3':32904
- '10#.#25.112.152':47507
- '11#.#18.187.28':42065
- '88.#48.36.4':25752
- '20#.#70.207.211':37727
- '17#.37.2.43':44303
- '19#.#62.66.148':52345
- '5.#.166.192':41199
- 'C:\uxsfeoyw\estjssvx5gigyxv9.exe'
- 'C:\uxsfeoyw\jezurlnskhbn.exe'
- 'C:\uxsfeoyw\rjphsppspo.exe' "c:\uxsfeoyw\jezurlnskhbn.exe"