Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwxooe.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnvhri.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxuxzr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemowuko.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdxtnp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzwhku.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemlpisy.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemaddbj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfiskh.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvznyr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdcjdi.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdsnsw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvlatb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemniazw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdqvzg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnjfxa.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemiugbz.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvpaqe.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemogdvx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzdgxv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqbwox.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemucucs.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemerxyf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemekrmy.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfaqzx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemaucnu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemaojtp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemafodv.exe'
- '%TEMP%\Sysqemwxooe.exe'
- '%TEMP%\Sysqemnvhri.exe'
- '%TEMP%\Sysqemxuxzr.exe'
- '%TEMP%\Sysqemowuko.exe'
- '%TEMP%\Sysqemdxtnp.exe'
- '%TEMP%\Sysqemzwhku.exe'
- '%TEMP%\Sysqemlpisy.exe'
- '%TEMP%\Sysqemaddbj.exe'
- '%TEMP%\Sysqemfiskh.exe'
- '%TEMP%\Sysqemvznyr.exe'
- '%TEMP%\Sysqemdcjdi.exe'
- '%TEMP%\Sysqemdsnsw.exe'
- '%TEMP%\Sysqemvlatb.exe'
- '%TEMP%\Sysqemniazw.exe'
- '%TEMP%\Sysqemdqvzg.exe'
- '%TEMP%\Sysqemnjfxa.exe'
- '%TEMP%\Sysqemiugbz.exe'
- '%TEMP%\Sysqemvpaqe.exe'
- '%TEMP%\Sysqemogdvx.exe'
- '%TEMP%\Sysqemzdgxv.exe'
- '%TEMP%\Sysqemqbwox.exe'
- '%TEMP%\Sysqemucucs.exe'
- '%TEMP%\Sysqemerxyf.exe'
- '%TEMP%\Sysqemekrmy.exe'
- '%TEMP%\Sysqemfaqzx.exe'
- '%TEMP%\Sysqemaucnu.exe'
- '%TEMP%\Sysqemaojtp.exe'
- '%TEMP%\Sysqemafodv.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\Sysqemowuko.exe
- %TEMP%\Sysqemwxooe.exe
- %TEMP%\Sysqemnvhri.exe
- %TEMP%\Sysqemlpisy.exe
- %TEMP%\Sysqemekrmy.exe
- %TEMP%\Sysqemdxtnp.exe
- %TEMP%\Sysqemzwhku.exe
- %TEMP%\Sysqemxuxzr.exe
- %TEMP%\Sysqemaddbj.exe
- %TEMP%\Sysqemfiskh.exe
- %TEMP%\Sysqemvznyr.exe
- %TEMP%\Sysqemdcjdi.exe
- %TEMP%\Sysqemdsnsw.exe
- %TEMP%\Sysqemvlatb.exe
- %TEMP%\Sysqemniazw.exe
- %TEMP%\Sysqemqbwox.exe
- %TEMP%\Sysqemvpaqe.exe
- %TEMP%\Sysqemdqvzg.exe
- %TEMP%\Sysqemzdgxv.exe
- %TEMP%\qpath.ini
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemogdvx.exe
- %TEMP%\Sysqemnjfxa.exe
- %TEMP%\Sysqemfaqzx.exe
- %TEMP%\Sysqemucucs.exe
- %TEMP%\Sysqemerxyf.exe
- %TEMP%\Sysqemafodv.exe
- %TEMP%\Sysqemiugbz.exe
- %TEMP%\Sysqemaucnu.exe
- %TEMP%\Sysqemaojtp.exe
- %TEMP%\Sysqemwxooe.exe
- %TEMP%\Sysqemnvhri.exe
- %TEMP%\Sysqemxuxzr.exe
- %TEMP%\Sysqemowuko.exe
- %TEMP%\Sysqemdxtnp.exe
- %TEMP%\Sysqemzwhku.exe
- %TEMP%\Sysqemlpisy.exe
- %TEMP%\Sysqemaddbj.exe
- %TEMP%\Sysqemfiskh.exe
- %TEMP%\Sysqemvznyr.exe
- %TEMP%\Sysqemdcjdi.exe
- %TEMP%\Sysqemdsnsw.exe
- %TEMP%\Sysqemvlatb.exe
- %TEMP%\Sysqemniazw.exe
- %TEMP%\Sysqemekrmy.exe
- %TEMP%\Sysqemvpaqe.exe
- %TEMP%\Sysqemdqvzg.exe
- %TEMP%\Sysqemnjfxa.exe
- %TEMP%\Sysqemqbwox.exe
- %TEMP%\Sysqemogdvx.exe
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemzdgxv.exe
- %TEMP%\Sysqemfaqzx.exe
- %TEMP%\Sysqemucucs.exe
- %TEMP%\Sysqemerxyf.exe
- %TEMP%\Sysqemafodv.exe
- %TEMP%\Sysqemiugbz.exe
- %TEMP%\Sysqemaucnu.exe
- %TEMP%\Sysqemaojtp.exe