Technical Information
- %LOCALAPPDATA%\ຜແຒພໃທຢີຣ່ນນໃຳຖິບໄຢຝ\<File name>.exe_url_tozukmyjerviewo02c1f0jnyj52d0won\7.787.667.647\kibxmdae.newcfg
- %APPDATA%\logs\logs.dat
- from %LOCALAPPDATA%\ຜແຒພໃທຢີຣ່ນນໃຳຖິບໄຢຝ\<File name>.exe_url_tozukmyjerviewo02c1f0jnyj52d0won\7.787.667.647\kibxmdae.newcfg to %LOCALAPPDATA%\ຜແຒພໃທຢີຣ່ນນໃຳຖິບໄຢຝ\<File name>.exe_url_tozukmyjerviewo02c1f0jnyj52d0won\7.787.667.647\user.config
- 'li########abestteamoftheworld.com':80
- 'li########abestteamoftheworld.com':443
- '37.#8.89.8':4783
- http://li########abestteamoftheworld.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-C713C3B61CDDC87892926C2C8A1229AC.html
- http://li########abestteamoftheworld.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-AF16598BE6A0B862A676CAD493CEFB4C.html
- DNS ASK li########abestteamoftheworld.com
- '%WINDIR%\syswow64\cmd.exe' /c timeout 1' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c timeout 1
- '%WINDIR%\syswow64\timeout.exe' 1