Technical Information
- <SYSTEM32>\tasks\microsoft\商品发布
- <Current directory>\updata.exe
- %APPDATA%\tkz\peizhi.ini
- %APPDATA%\tkz\oneexitgo.ini
- 'up####.#ew.yitaokeji.vip':80
- http://up####.#ew.yitaokeji.vip/GetAdd.php?id############################################
- DNS ASK up####.#ew.yitaokeji.vip
- ClassName: 'TrayNotifyWnd' WindowName: ''
- ClassName: 'SysPager' WindowName: ''
- ClassName: 'ToolbarWindow32' WindowName: ''
- ClassName: '#32770' WindowName: '错误'
- ClassName: 'Button' WindowName: '确定'
- ClassName: '' WindowName: ''
- ClassName: '#32770' WindowName: '发布商品'
- '<Full path to file>' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {86C2F007-ECD0-4296-BB51-2DAD5009BD22} S-1-5-21-1960123792-2022915161-3775307078-1001:kbbdeyyotkqk\user:Interactive:[1]