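Technical Information
The entries below carry no sub-headings in this listing: unquoted entries are file paths, and the quoted entries at the end are command lines (executable path followed by its arguments). The first entry is a shortcut in the per-user Startup folder, a location Windows runs at logon.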
- %APPDATA%\microsoft\windows\start menu\programs\startup\5a5509.lnk
- %TEMP%\e_n4\krnln.fnr
- %TEMP%\e_n4\htmlview.fne
- %TEMP%\e_n4\internet.fne
- %TEMP%\e_n4\eapi.fne
- %TEMP%\e_n4\dp1.fne
- %ProgramFiles(x86)%\c3db8d\9aeeb1.exe
- %ProgramFiles(x86)%\7a4508\dp1.fne
- %ProgramFiles(x86)%\7a4508\eapi.fne
- %ProgramFiles(x86)%\7a4508\htmlview.fne
- %ProgramFiles(x86)%\7a4508\internet.fne
- %ProgramFiles(x86)%\7a4508\krnln.fnr
- %TEMP%\sg-e56c8c5c.exe
- %TEMP%\sg-e56c8c5c.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\index.dat
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012015112320151124\index.dat
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012016081820160819\index.dat
- '%ProgramFiles(x86)%\c3db8d\9aeeb1.exe'
- '%TEMP%\sg-e56c8c5c.exe' reinnet
- '%WINDIR%\syswow64\explorer.exe' <Current directory>\