Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ktoxhdmv' = '%APPDATA%\vrbkgpxtd\yrrnwgclhqavfo.exe "%TEMP%\giuiwxga.exe" %HOMEPATH%\AppData\�'
- giuiwxga.exe
- %TEMP%\nsm8d13.tmp
- %TEMP%\lfdaorq.t
- %TEMP%\xmfqciidksw.w
- %TEMP%\giuiwxga.exe
- %APPDATA%\vrbkgpxtd\yrrnwgclhqavfo.exe
- DNS ASK my###.wshrt.sbs
- DNS ASK my######swshrt.linkpc.net
- '%TEMP%\giuiwxga.exe' %TEMP%\xmfqciidksw.w
- '%TEMP%\giuiwxga.exe'