Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\pprsuvxA] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\pprsuvxA] 'ImagePath' = '%ProgramFiles%\Tencentdl.exe -k'
- %TEMP%\myrar.exe
- C:\XFI677csr.sys
- %ProgramFiles%\Tencentdl.exe
- %ProgramFiles%\Tencentdl.exe
- '11#.#88.248.88':8666
- 'ai####a.f3322.net':8010
- DNS ASK .#.
- DNS ASK ai####a.f3322.net
- ClassName: 'MS_WINHELP' WindowName: ''
- 'C:\XFI677csr.sys'
- '%ProgramFiles%\Tencentdl.exe'