Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'vv' = '<SYSTEM32>\rundll32.exe "<Current directory>\smgui.dll",gPack'
- ClassName: 'FileMonClass', WindowName: ''
- ClassName: 'OLLYDBG', WindowName: ''
- <Current directory>\smgui.dll
- 'bl##.#ina.com.cn':80
- http://bl##.#ina.com.cn/u/5694346260
- DNS ASK gm#.#hnlab.com
- DNS ASK bl##.#ina.com.cn
- ClassName: '18467-41' WindowName: ''
- '<SYSTEM32>\rundll32.exe' "<Current directory>\smgui.dll",gPack