Technical Information
- <Current directory>\wxwgf2.dll
- %WINDIR%\winex.dll
- %WINDIR%\qf.dll
- %WINDIR%\rjsijw4.dll
- %TEMP%\regini.txt
- %TEMP%\task.bat
- %TEMP%\b9jhqoq.dll
- %TEMP%\regini.txt
- %TEMP%\task.bat
- http://www.5m##ren.com/jw2/interact
- http://fa##.inibin.com/qt3/?5m########################
- DNS ASK 5m##ren.com
- DNS ASK fa##.inibin.com
- DNS ASK 12##.ip138.com
- DNS ASK s.####nalforum.org
- DNS ASK ne##.#1xiaba.com
- ClassName: '' WindowName: 'MsgDebugView'
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\task.bat' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\task.bat
- '%WINDIR%\syswow64\regini.exe' %TEMP%\regini.txt