Technical Information
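- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'a949cf35-dc78-6169-6e14-308a70bb0999' = '<LS_APPDATA>\Microsoft\f61b22b6-93dd-60d8-6159-7038eb552493\42872a13-ed35-49c1-a294-e59622768e93... (per-user Run key entry, which Windows launches at logon; the value is truncated in this listing, and its visible part matches the path of the .exe listed on the next line)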
- '<LS_APPDATA>\Microsoft\f61b22b6-93dd-60d8-6159-7038eb552493\42872a13-ed35-49c1-a294-e59622768e93.exe'
- '<SYSTEM32>\dllhost.exe'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\dllhost.exe
- <SYSTEM32>\svchost.exe
- <LS_APPDATA>\Microsoft\f61b22b6-93dd-60d8-6159-7038eb552493\42872a13-ed35-49c1-a294-e59622768e93.exe
- <LS_APPDATA>\Microsoft\7ddea54f-5373-6075-7dcb-aa365b908671\448aa97b-8944-66b1-6191-d494cdd74287
- <LS_APPDATA>\Microsoft\7ddea54f-5373-6075-7dcb-aa365b908671\a5a21de1-be3c-616b-73e6-5aa19b210471
- ClassName: 'Indicator' WindowName: ''