Technical Information
- '' (downloaded from the Internet)
- C:\users\public\music\1649477536\2.rar
- C:\users\public\music\1649477536\7z.exe
- C:\users\public\music\1649477536\rundll3222.exe
- C:\users\public\music\1649477536\svchost.txt
- C:\users\public\music\1649477536\antiadwa.exe
- C:\users\public\music\1649477536\excep.tct
- %ALLUSERSPROFILE%\360.dll
- %ALLUSERSPROFILE%\rundll3222.exe
- %ALLUSERSPROFILE%\svchost.txt
- %ALLUSERSPROFILE%\ini.ini
- C:\users\public\music\1649477536\2.rar
- C:\users\public\music\1649477536\7z.exe
- '19#.#46.84.3':4395
- '10#.#45.86.160':10022
- http://19#.##6.84.3:4395/a?=1######### via 19#.#46.84.3
- http://19#.##6.84.3:4395/77 via 19#.#46.84.3
- '10#.#45.86.160':10022
- DNS ASK et##vdsf.cn
- 'C:\users\public\music\1649477536\7z.exe' x C:\Users\Public\Music\1649477536\2.rar C:\Users\Public\Music\1649477536
- 'C:\users\public\music\1649477536\antiadwa.exe' -a
- 'C:\users\public\music\1649477536\7z.exe' x C:\Users\Public\Music\1649477536\2.rar C:\Users\Public\Music\1649477536' (with hidden window)
- 'C:\users\public\music\1649477536\antiadwa.exe' -a' (with hidden window)