Technical Information
- <Current directory>\hhfpvl6wnza8p.exe
- <Current directory>\config.ini
- from <Full path to file> to %TEMP%\hhfpvl6wnza8p\....\hhfpvl6wnza8p
- 'fi#####.besthotel360.com':80
- 'ht#####.besthotel360.com':80
- http://fi#####.besthotel360.com/001/puppet.Txt?41####
- http://fi#####.besthotel360.com/Data/i9dbrbjpiiq7op0l0drv15mffdrjozafrjqas57l3dzjpu7ugsigqhhqw0dc9r3y0lla1q7dd5nrgxjyxpgtzqcl7bilha1fecz9rulipfn5k32303231C4EA39D4C235C8D537CAB13232B7D63535C3EB....
- http://fi#####.besthotel360.com/001/Tips.txt?41####
- http://ht#####.besthotel360.com/HttpApiGb.ashx?ac################################################################################################################################################...
- http://ht#####.besthotel360.com/HttpApiGb.ashx?ac#################
- DNS ASK fi#####.besthotel360.com
- DNS ASK ht#####.besthotel360.com
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'CrossFire' WindowName: ''
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns