Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'GuaZhuan' = '"<Full path to file>" -autorun '
- %APPDATA%\LSinglePro\cfg.ini
- %APPDATA%\LSinglePro\TFExecuter4\cfg.ini
- %APPDATA%\LSinglePro\log.txt
- 'as#.##uliangbao.cn':80
- 'ts#.##uliangbao.cn':80
- 'im#.#licdn.com':80
- http://ts#.##uliangbao.cn/redirect/CFGUpdate?nu###############################################################
- http://as#.##uliangbao.cn/clt/jobid/b4e01c1d753e1ece6ef88b76c24d823714b8aa56fe114923535851357f833178a34130676e43ba68c3dff8b5d15b6a84910610fde6c94e184bd4d9070de9e3f9584bf29a85094840d6ed9f6eb033e...
- http://im#.#licdn.com/imgextra/i3/58465055/T2BulKXdhcXXXXXXXX_!!58465055.jpg
- http://as#.##uliangbao.cn/clt/jobid/b4e01c1d753e1ece6ef88b76c24d82374b0eec539761ca6c7264502a3a0a1f822d31f866fabfdd0327187c7d2d217395f2f39a0bed649661537ab10d1a5465657fb0b613b187ce6630ca5949a430c...
- http://as#.##uliangbao.cn/clt/jobid/b4e01c1d753e1ece6ef88b76c24d8237f7192f32fd0ad4a7066bdba32137316cef74bf4853aa15de6557f412133fdc771fa3a4e62183b1c5a254a4f913fa491911daee1bd7539ee87fabf84536178...
- http://as#.##uliangbao.cn/c/f8/
- http://as#.##uliangbao.cn/2/h1/
- http://ts#.##uliangbao.cn/f2.2/
- http://as#.##uliangbao.cn/2/h3/
- DNS ASK as#.##uliangbao.cn
- DNS ASK ts#.##uliangbao.cn
- DNS ASK ip.##p1000.com
- DNS ASK im#.#licdn.com