Technical Information
- '' (downloaded from the Internet)
- C:\users\public\music\1654728035\2.rar
- C:\users\public\music\1654728035\7z.exe
- C:\users\public\music\1654728035\rundll3222.exe
- C:\users\public\music\1654728035\svchost.txt
- C:\users\public\music\1654728035\antiadwa.exe
- C:\users\public\music\1654728035\excep.tct
- %ALLUSERSPROFILE%\360.dll
- %ALLUSERSPROFILE%\rundll3222.exe
- %ALLUSERSPROFILE%\svchost.txt
- %ALLUSERSPROFILE%\ini.ini
- C:\users\public\music\1654728035\2.rar
- C:\users\public\music\1654728035\7z.exe
- '18#.#15.218.132':4478
- '15#.#3.186.10':10022
- http://18#.###.218.132:4478/@4?=1######### via 18#.#15.218.132
- http://18#.###.218.132:4478/77 via 18#.#15.218.132
- DNS ASK hu###gli1hao.cn
- 'C:\users\public\music\1654728035\7z.exe' x C:\\Users\\Public\\Music\\1654728035\2.rar C:\\Users\\Public\\Music\\1654728035
- 'C:\users\public\music\1654728035\antiadwa.exe' -a
- 'C:\users\public\music\1654728035\7z.exe' x C:\\Users\\Public\\Music\\1654728035\2.rar C:\\Users\\Public\\Music\\1654728035' (with hidden window)
- 'C:\users\public\music\1654728035\antiadwa.exe' -a' (with hidden window)