Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\ZPC_SsdtHooker] 'ImagePath' = '<Current directory>\gameprocess.sys'
- '<SYSTEM32>\ipconfig.exe' /flushdns
- NtOpenProcess, handler: gameprocess.sys
- <Current directory>\gameprocess.sys
- <Current directory>\gameprocess.sys
- 'wa###.eicp.net':80
- http://wa###.eicp.net/api/xmlapi.asmx/GetInfo
- DNS ASK wa###.eicp.net
- ClassName: 'Shell_TrayWnd' WindowName: ''