Technical Information
- '<Current directory>\霸者复古A1_WCA.exe'
- '<SYSTEM32>\netsh.exe' advfirewall set allprofiles state off
- '<SYSTEM32>\cmd.exe' /c netsh advfirewall set allprofiles state off
- <Current directory>\霸者复古A1_WCA.exe
- <SYSTEM32>\69F8B0EE-9C36-44cd-903F-295CD97CE3BD
- %TEMP%\69F8B0EE-9C36-44cd-903F-295CD97CE3BD