Technical Information
- User Account Control (UAC)
- <Current directory>\WorkConfig.ini
- 'bl##.#ina.com.cn':80
- 'up####.cnjuejin.com':80
- http://bl##.#ina.com.cn/s/blog_1789ee8240102wq2u.html
- http://up####.cnjuejin.com/update.txt
- http://bl##.#ina.com.cn/s/blog_1789ee8240102wqe3.html
- DNS ASK bl##.#ina.com.cn
- DNS ASK up####.cnjuejin.com
- ClassName: '' WindowName: ''
- ClassName: 'NotifyIconOverflowWindow' WindowName: ''
- ClassName: 'ToolbarWindow32' WindowName: ''
- ClassName: 'TrayNotifyWnd' WindowName: ''
- ClassName: 'SysPager' WindowName: ''
- '<SYSTEM32>\powercfg.exe' -h off
- '<SYSTEM32>\netsh.exe' advfilewall set publicprofile state off
- '<SYSTEM32>\reg.exe' add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /d 1 /t REG_DWORD /f