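Technical Information
Note: the category headings for the entries below are missing from this extract, so the role of each item (for example, whether a file was created or only read) cannot be determined from this page. The `#` characters mark parts of addresses and host names that are masked in the listing; masked entries cannot be used as exact-match indicators.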
- firefox.exe
- %WINDIR%\otalm.txt
- %WINDIR%\web\set8.rjy
- 'S2####7h.58guyu.com':6666
- '61.##0.12.198':6666
- '61.##0.12.198':7777
- 'localhost':18691
- 'localhost':18692
- 'localhost':1146
- 'localhost':49180
- http://47.##.214.214:6666/6716ed4b66cb2b4a3786ae0e15279bd2.txt?rg######
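- http://12#.#.0.1:18692/log
- http://12#.#.0.1:18692/yewu02
  (The port matches the 'localhost':18692 entries above, so these two requests are presumably to a local listener; the masked address does not allow this to be confirmed.)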
- DNS query (DNS ASK) for S2####7h.58guyu.com
- '10#.#5.87.105':10007
- '10#.#5.87.105':10006
- '10#.#5.87.105':10005
- '10#.#5.87.105':10004
- '10#.#5.87.105':10003
- '10#.#5.87.105':10002
- '10#.#5.87.105':10001
- '22#.#5.24.26':10009
- '22#.#5.24.26':10008
- '22#.#5.24.26':10007
- '22#.#5.24.26':10006
- '22#.#5.24.26':10005
- '22#.#5.24.26':10004
- '22#.#5.24.26':10003
- '22#.#5.24.26':10002
- '22#.#5.24.26':10001
- '12#.#5.57.162':8081
- '<LOCALNET>.51.255':18692
- 'S2####7h.58guyu.com':10009
- 'S2####7h.58guyu.com':10008
- 'S2####7h.58guyu.com':10007
- 'S2####7h.58guyu.com':10006
- 'S2####7h.58guyu.com':10005
- 'S2####7h.58guyu.com':10004
- 'S2####7h.58guyu.com':10003
- 'S2####7h.58guyu.com':10002
- 'S2####7h.58guyu.com':10001
- '10#.#5.87.105':10008
- '10#.#5.87.105':10009
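- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 2 "<Full path to file>"
  (This command line is the Windows Firewall notification dialog, which Windows typically launches itself when a program without a matching firewall rule starts listening for inbound connections. It most likely reflects the sample opening a listening port, not a change to firewall settings; confirm against the full report.)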
- '%ProgramFiles(x86)%\mozilla firefox\firefox.exe'