Technical Information
- '' (downloaded from the Internet)
- '<SYSTEM32>\taskkill.exe' /f /im ttjiema.exe
- <Current directory>\5update.bat
- <Current directory>\FZZQMD5.exe.tmp
- from <Current directory>\FZZQMD5.exe.tmp to <Current directory>\ttjiema.exe
- 'im#.#tjiema.com':80
- http://im#.#tjiema.com/ttjiema.exe
- DNS ASK im#.#tjiema.com
- ClassName: '' WindowName: ''
- '<Current directory>\ttjiema.exe'
- '<SYSTEM32>\cmd.exe' /c 5update.bat