Technical Information
- <Current directory>\0rdwd.exe
- <Current directory>\config.ini
- from <Full path to file> to %TEMP%\0rdwd\....\0rdwd
- 'te##.##sthotel360.com':80
- 'ht##.##sthotel360.com':80
- http://te##.##sthotel360.com/001/puppet.Txt?10#####
- http://te##.##sthotel360.com/Data/nvyanancfosljfof5jqjcj5osl5l5o5acoaeannyjcjci7yvsvvniiqevaqqn3nfy5jsvoa3j35o7evafacslaf7njqaqiavj5fncq5sn7vi5f32303231C4EA39D4C233C8D53139CAB13138B7D63431C3EB....
- http://te##.##sthotel360.com/001/Tips.txt?10#####
- http://ht##.##sthotel360.com/HttpApiGb.ashx?ac###################################################################################################################################################...
- DNS ASK te##.##sthotel360.com
- DNS ASK ht##.##sthotel360.com
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'CrossFire' WindowName: ''
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns