Technical Information
- <Current directory>\fa1ulslxn8ufma.exe
- <Current directory>\config.ini
- from <Full path to file> to %TEMP%\fa1ulslxn8ufma\....\fa1ulslxn8ufma
- 'te##.##sthotel360.com':80
- 'ht##.##sthotel360.com':80
- http://te##.##sthotel360.com/001/puppet.Txt?98####
- http://te##.##sthotel360.com/Data/jqyyl7ey5o5jvcajes3io3oan3ycsyf7oeli7syfesnnasclvci3qn7qv35osyes7j3l7qs3vc5oiyof5scsi5fefiaqnlclisqaniyij37lv5l7iafa32303231C4EA39D4C231C8D53133CAB135B7D63135C...
- http://te##.##sthotel360.com/001/Tips.txt?99####
- http://ht##.##sthotel360.com/HttpApiGb.ashx?ac###################################################################################################################################################...
- http://ht##.##sthotel360.com/HttpApiGb.ashx?ac#################
- DNS ASK te##.##sthotel360.com
- DNS ASK ht##.##sthotel360.com
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'CrossFire' WindowName: ''
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns