Technical Information
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\27250327320174622243849[1]
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\U98D4X8H\cansu521[1].txt
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\2VAZY7AN\cansu521[1].txt
- 'localhost':1036
- 'mo######521.blog.163.com':80
- 'mo###xie.win':80
- 'yu####n.6600.org':80
- 'yu####n.6600.org':3203
- http://mo######521.blog.163.com/blog/static/27250327320174622243849/
- http://www.mo###xie.win/cansu521.txt via mo###xie.win
- http://yu####n.6600.org/cansu521.txt
- DNS ASK mo######521.blog.163.com
- DNS ASK www.mo###xie.win
- DNS ASK yu####n.6600.org
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- '<SYSTEM32>\svchost.exe'