Technical Information
- Windows Task Manager (Taskmgr)
- C:\reviewrefbrokernetsvc\ofmmsynonqgdsonfag.bat
- C:\reviewrefbrokernetsvc\0unofg56nyyjbagheznuqb8ypxm.vbe
- C:\reviewrefbrokernetsvc\jarinjector.exe
- ClassName: 'EDIT' WindowName: ''
- '%WINDIR%\syswow64\wscript.exe' "C:\ReviewRefbrokernetsvc\0unOFG56nYYjbAghEZNuQB8yPxm.vbe"
- 'C:\reviewrefbrokernetsvc\jarinjector.exe'
- '%WINDIR%\syswow64\cmd.exe' /c ""C:\ReviewRefbrokernetsvc\OfMmsyNonqgDsonFAG.bat" "' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c ""C:\ReviewRefbrokernetsvc\OfMmsyNonqgDsonFAG.bat" "
- '%WINDIR%\syswow64\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f