Technical Information
- '<Current directory>\热血合击V1108_WCA.exe'
- '<SYSTEM32>\netsh.exe' advfirewall set allprofiles state off
- '<SYSTEM32>\cmd.exe' /c netsh advfirewall set allprofiles state off
- <Current directory>\热血合击V1108_WCA.exe
- <SYSTEM32>\6BDE8EDA-0FEB-4d93-9F72-CC9357CC21F3
- %TEMP%\6BDE8EDA-0FEB-4d93-9F72-CC9357CC21F3
- <Current directory>\热血合击V1108_WCA.exe
- <SYSTEM32>\6BDE8EDA-0FEB-4d93-9F72-CC9357CC21F3
- %TEMP%\6BDE8EDA-0FEB-4d93-9F72-CC9357CC21F3