Technical Information
- <SYSTEM32>\conhost.exe
- http://cd#.#oluobl.cn/appi/appi/lebtest
- http://ap##.#ame.qq.com/comm-htdocs/ip/get_ip.php
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- ClassName: 'ProgMan' WindowName: ''
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- '<SYSTEM32>\ipconfig.exe' /flushdns' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c del /Q /F "<Full path to file>"' (with hidden window)
- '<SYSTEM32>\waitfor.exe'
- '<SYSTEM32>\ipconfig.exe' /flushdns
- '%WINDIR%\syswow64\cmd.exe' /c del /Q /F "<Full path to file>"