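Technical Information

Note: the section headings that normally separate these lists appear to be missing from this copy. The entries below seem to fall into three groups: values written to `load` under [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows], which is a per-user autorun location (a program named there is started at logon); quoted paths, the last with command-line arguments, which look like launched processes; and two lists of unquoted %TEMP% paths whose original labels cannot be recovered from this page. Most executable names share the prefix `Sysqem` followed by five varying letters, so matching on that pattern together with the `load` value is likely more useful than matching the exact names. `wmiadap.exe` is a stock Windows component and is not an indicator on its own.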
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemyupdk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqempkdkk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvrpob.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgmvrc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrfkux.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemorhfb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemylqow.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemltvvg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjclku.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnvhri.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtunem.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzclrj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwpdgp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrwzmr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhejyq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemectbi.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemudyfa.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemefkkc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemchoje.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemcbwok.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzsfzr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemosihw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwbnlo.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemoumpe.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzooou.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemuwkau.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemmpyhk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzrqav.exe'
- '%TEMP%\Sysqemgmvrc.exe'
- '%TEMP%\Sysqemyupdk.exe'
- '%TEMP%\Sysqempkdkk.exe'
- '%TEMP%\Sysqemrfkux.exe'
- '%TEMP%\Sysqemorhfb.exe'
- '%TEMP%\Sysqemylqow.exe'
- '%TEMP%\Sysqemvrpob.exe'
- '%TEMP%\Sysqemtunem.exe'
- '%TEMP%\Sysqemltvvg.exe'
- '%TEMP%\Sysqemjclku.exe'
- '%TEMP%\Sysqemzclrj.exe'
- '%TEMP%\Sysqemwpdgp.exe'
- '%TEMP%\Sysqemrwzmr.exe'
- '%TEMP%\Sysqemoumpe.exe'
- '%TEMP%\Sysqemefkkc.exe'
- '%TEMP%\Sysqemhejyq.exe'
- '%TEMP%\Sysqemectbi.exe'
- '%TEMP%\Sysqemchoje.exe'
- '%TEMP%\Sysqemcbwok.exe'
- '%TEMP%\Sysqemzsfzr.exe'
- '%TEMP%\Sysqemudyfa.exe'
- '%TEMP%\Sysqemzooou.exe'
- '%TEMP%\Sysqemosihw.exe'
- '%TEMP%\Sysqemwbnlo.exe'
- '%TEMP%\Sysqemuwkau.exe'
- '%TEMP%\Sysqemmpyhk.exe'
- '%TEMP%\Sysqemzrqav.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\Sysqemgmvrc.exe
- %TEMP%\Sysqemyupdk.exe
- %TEMP%\Sysqempkdkk.exe
- %TEMP%\Sysqemylqow.exe
- %TEMP%\Sysqemoumpe.exe
- %TEMP%\Sysqemrfkux.exe
- %TEMP%\Sysqemorhfb.exe
- %TEMP%\Sysqemvrpob.exe
- %TEMP%\Sysqemltvvg.exe
- %TEMP%\Sysqemjclku.exe
- %TEMP%\Sysqemnvhri.exe
- %TEMP%\Sysqemtunem.exe
- %TEMP%\Sysqemzclrj.exe
- %TEMP%\Sysqemwpdgp.exe
- %TEMP%\Sysqemrwzmr.exe
- %TEMP%\Sysqemzsfzr.exe
- %TEMP%\Sysqemefkkc.exe
- %TEMP%\Sysqemhejyq.exe
- %TEMP%\Sysqemcbwok.exe
- %TEMP%\qpath.ini
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemchoje.exe
- %TEMP%\Sysqemectbi.exe
- %TEMP%\Sysqemzooou.exe
- %TEMP%\Sysqemosihw.exe
- %TEMP%\Sysqemwbnlo.exe
- %TEMP%\Sysqemzrqav.exe
- %TEMP%\Sysqemudyfa.exe
- %TEMP%\Sysqemuwkau.exe
- %TEMP%\Sysqemmpyhk.exe
- %TEMP%\Sysqemyupdk.exe
- %TEMP%\Sysqempkdkk.exe
- %TEMP%\Sysqemvrpob.exe
- %TEMP%\Sysqemgmvrc.exe
- %TEMP%\Sysqemrfkux.exe
- %TEMP%\Sysqemorhfb.exe
- %TEMP%\Sysqemylqow.exe
- %TEMP%\Sysqemltvvg.exe
- %TEMP%\Sysqemjclku.exe
- %TEMP%\Sysqemnvhri.exe
- %TEMP%\Sysqemtunem.exe
- %TEMP%\Sysqemzclrj.exe
- %TEMP%\Sysqemwpdgp.exe
- %TEMP%\Sysqemrwzmr.exe
- %TEMP%\Sysqemoumpe.exe
- %TEMP%\Sysqemefkkc.exe
- %TEMP%\Sysqemhejyq.exe
- %TEMP%\Sysqemectbi.exe
- %TEMP%\Sysqemzsfzr.exe
- %TEMP%\Sysqemchoje.exe
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemcbwok.exe
- %TEMP%\Sysqemzooou.exe
- %TEMP%\Sysqemosihw.exe
- %TEMP%\Sysqemwbnlo.exe
- %TEMP%\Sysqemzrqav.exe
- %TEMP%\Sysqemudyfa.exe
- %TEMP%\Sysqemuwkau.exe
- %TEMP%\Sysqemmpyhk.exe