Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemivboj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtjcvu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqrbmw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvmggx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkkkvz.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfiqfp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemplwoa.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdooky.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqxjkk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnnrgs.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqntym.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdxkzf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqjrlm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemaehtc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemaerbg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfqlup.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemphqoc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemazvii.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrhqmd.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemurrqg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjhsno.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemeyvnz.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqematclh.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnoixn.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfjomq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfhvys.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemcjdfy.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemuqche.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemumfrc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemihobt.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxpebp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnwsuv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqjdcg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkpqka.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhhazj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzqtvb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhflrr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemovhmb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzippw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwdfdf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtqvgc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqifnf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemitzox.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqzren.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsobtb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgledl.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemolqdv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjfxpc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemingzj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtceij.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemoxakk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemypnfq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembqqgv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrbspd.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemztwfi.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtcycf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembmorh.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrepqn.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembhkwz.exe'
- '%TEMP%\Sysqemivboj.exe'
- '%TEMP%\Sysqemtjcvu.exe'
- '%TEMP%\Sysqemqrbmw.exe'
- '%TEMP%\Sysqemvmggx.exe'
- '%TEMP%\Sysqemkkkvz.exe'
- '%TEMP%\Sysqemfiqfp.exe'
- '%TEMP%\Sysqemplwoa.exe'
- '%TEMP%\Sysqemdooky.exe'
- '%TEMP%\Sysqemqxjkk.exe'
- '%TEMP%\Sysqemnnrgs.exe'
- '%TEMP%\Sysqemqntym.exe'
- '%TEMP%\Sysqemdxkzf.exe'
- '%TEMP%\Sysqemqjrlm.exe'
- '%TEMP%\Sysqemaehtc.exe'
- '%TEMP%\Sysqemaerbg.exe'
- '%TEMP%\Sysqemfqlup.exe'
- '%TEMP%\Sysqemphqoc.exe'
- '%TEMP%\Sysqemazvii.exe'
- '%TEMP%\Sysqemrhqmd.exe'
- '%TEMP%\Sysqemurrqg.exe'
- '%TEMP%\Sysqemjhsno.exe'
- '%TEMP%\Sysqemeyvnz.exe'
- '%TEMP%\Sysqematclh.exe'
- '%TEMP%\Sysqemnoixn.exe'
- '%TEMP%\Sysqemfjomq.exe'
- '%TEMP%\Sysqemfhvys.exe'
- '%TEMP%\Sysqemcjdfy.exe'
- '%TEMP%\Sysqemuqche.exe'
- '%TEMP%\Sysqemumfrc.exe'
- '%TEMP%\Sysqemihobt.exe'
- '%TEMP%\Sysqemxpebp.exe'
- '%TEMP%\Sysqemnwsuv.exe'
- '%TEMP%\Sysqemqjdcg.exe'
- '%TEMP%\Sysqemkpqka.exe'
- '%TEMP%\Sysqemhhazj.exe'
- '%TEMP%\Sysqemzqtvb.exe'
- '%TEMP%\Sysqemhflrr.exe'
- '%TEMP%\Sysqemovhmb.exe'
- '%TEMP%\Sysqemzippw.exe'
- '%TEMP%\Sysqemwdfdf.exe'
- '%TEMP%\Sysqemtqvgc.exe'
- '%TEMP%\Sysqemqifnf.exe'
- '%TEMP%\Sysqemitzox.exe'
- '%TEMP%\Sysqemqzren.exe'
- '%TEMP%\Sysqemsobtb.exe'
- '%TEMP%\Sysqemgledl.exe'
- '%TEMP%\Sysqemolqdv.exe'
- '%TEMP%\Sysqemjfxpc.exe'
- '%TEMP%\Sysqemingzj.exe'
- '%TEMP%\Sysqemtceij.exe'
- '%TEMP%\Sysqemoxakk.exe'
- '%TEMP%\Sysqemypnfq.exe'
- '%TEMP%\Sysqembqqgv.exe'
- '%TEMP%\Sysqemrbspd.exe'
- '%TEMP%\Sysqemztwfi.exe'
- '%TEMP%\Sysqemtcycf.exe'
- '%TEMP%\Sysqembmorh.exe'
- '%TEMP%\Sysqemrepqn.exe'
- '%TEMP%\Sysqembhkwz.exe'
- %TEMP%\Sysqemivboj.exe
- %TEMP%\Sysqemtjcvu.exe
- %TEMP%\Sysqemqrbmw.exe
- %TEMP%\Sysqemvmggx.exe
- %TEMP%\Sysqemkkkvz.exe
- %TEMP%\Sysqemfiqfp.exe
- %TEMP%\Sysqemplwoa.exe
- %TEMP%\Sysqemdxkzf.exe
- %TEMP%\Sysqemqxjkk.exe
- %TEMP%\Sysqemnnrgs.exe
- %TEMP%\Sysqemihobt.exe
- %TEMP%\Sysqemdooky.exe
- %TEMP%\Sysqemqjrlm.exe
- %TEMP%\Sysqemaehtc.exe
- %TEMP%\Sysqemqntym.exe
- %TEMP%\Sysqemfqlup.exe
- %TEMP%\Sysqemphqoc.exe
- %TEMP%\Sysqemazvii.exe
- %TEMP%\Sysqemrhqmd.exe
- %TEMP%\Sysqemurrqg.exe
- %TEMP%\Sysqemjhsno.exe
- %TEMP%\Sysqemeyvnz.exe
- %TEMP%\Sysqemcjdfy.exe
- %TEMP%\Sysqemnoixn.exe
- %TEMP%\Sysqemfjomq.exe
- %TEMP%\Sysqemaerbg.exe
- %TEMP%\Sysqematclh.exe
- %TEMP%\Sysqemuqche.exe
- %TEMP%\Sysqemumfrc.exe
- %TEMP%\Sysqemfhvys.exe
- %TEMP%\Sysqemtceij.exe
- %TEMP%\Sysqemnwsuv.exe
- %TEMP%\Sysqemqjdcg.exe
- %TEMP%\Sysqemqifnf.exe
- %TEMP%\Sysqemxpebp.exe
- %TEMP%\Sysqemzqtvb.exe
- %TEMP%\Sysqemhflrr.exe
- %TEMP%\Sysqemkpqka.exe
- %TEMP%\Sysqemitzox.exe
- %TEMP%\Sysqemwdfdf.exe
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\qpath.ini
- %TEMP%\Sysqemzippw.exe
- %TEMP%\Sysqemqzren.exe
- %TEMP%\Sysqemtqvgc.exe
- %TEMP%\Sysqemovhmb.exe
- %TEMP%\Sysqemolqdv.exe
- %TEMP%\Sysqemjfxpc.exe
- %TEMP%\Sysqembmorh.exe
- %TEMP%\Sysqemgledl.exe
- %TEMP%\Sysqemoxakk.exe
- %TEMP%\Sysqemypnfq.exe
- %TEMP%\Sysqemingzj.exe
- %TEMP%\Sysqemrepqn.exe
- %TEMP%\Sysqemztwfi.exe
- %TEMP%\Sysqemsobtb.exe
- %TEMP%\Sysqemhhazj.exe
- %TEMP%\Sysqemrbspd.exe
- %TEMP%\Sysqembhkwz.exe
- %TEMP%\Sysqemtcycf.exe
- %TEMP%\Sysqembqqgv.exe
- %TEMP%\Sysqemivboj.exe
- %TEMP%\Sysqemtjcvu.exe
- %TEMP%\Sysqemqrbmw.exe
- %TEMP%\Sysqemvmggx.exe
- %TEMP%\Sysqemkkkvz.exe
- %TEMP%\Sysqemfiqfp.exe
- %TEMP%\Sysqemplwoa.exe
- %TEMP%\Sysqemdxkzf.exe
- %TEMP%\Sysqemqxjkk.exe
- %TEMP%\Sysqemnnrgs.exe
- %TEMP%\Sysqemihobt.exe
- %TEMP%\Sysqemdooky.exe
- %TEMP%\Sysqemqjrlm.exe
- %TEMP%\Sysqemaehtc.exe
- %TEMP%\Sysqemqntym.exe
- %TEMP%\Sysqemfqlup.exe
- %TEMP%\Sysqemphqoc.exe
- %TEMP%\Sysqemazvii.exe
- %TEMP%\Sysqemrhqmd.exe
- %TEMP%\Sysqemurrqg.exe
- %TEMP%\Sysqemjhsno.exe
- %TEMP%\Sysqemeyvnz.exe
- %TEMP%\Sysqemcjdfy.exe
- %TEMP%\Sysqemnoixn.exe
- %TEMP%\Sysqemfjomq.exe
- %TEMP%\Sysqemaerbg.exe
- %TEMP%\Sysqematclh.exe
- %TEMP%\Sysqemuqche.exe
- %TEMP%\Sysqemumfrc.exe
- %TEMP%\Sysqemfhvys.exe
- %TEMP%\Sysqemxpebp.exe
- %TEMP%\Sysqemnwsuv.exe
- %TEMP%\Sysqemqjdcg.exe
- %TEMP%\Sysqemkpqka.exe
- %TEMP%\Sysqemhhazj.exe
- %TEMP%\Sysqemzqtvb.exe
- %TEMP%\Sysqemhflrr.exe
- %TEMP%\Sysqemqifnf.exe
- %TEMP%\Sysqemzippw.exe
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemwdfdf.exe
- %TEMP%\Sysqemovhmb.exe
- %TEMP%\Sysqemitzox.exe
- %TEMP%\Sysqemqzren.exe
- %TEMP%\Sysqemtqvgc.exe
- %TEMP%\Sysqemgledl.exe
- %TEMP%\Sysqemolqdv.exe
- %TEMP%\Sysqemjfxpc.exe
- %TEMP%\Sysqemingzj.exe
- %TEMP%\Sysqemtceij.exe
- %TEMP%\Sysqemoxakk.exe
- %TEMP%\Sysqemypnfq.exe
- %TEMP%\Sysqembmorh.exe
- %TEMP%\Sysqemrbspd.exe
- %TEMP%\Sysqemztwfi.exe
- %TEMP%\Sysqemsobtb.exe
- %TEMP%\Sysqembqqgv.exe
- %TEMP%\Sysqemrepqn.exe
- %TEMP%\Sysqembhkwz.exe
- %TEMP%\Sysqemtcycf.exe