Technical Information
- <Current directory>\soft.dll
- <Current directory>\ëµã÷êé.txt
- <Current directory>\update.tmp
- <Current directory>\update.bat
- nul
- <Current directory>\update.bat
- <Current directory>\soft.dll
- <Current directory>\ëµã÷êé.txt
- from <Current directory>\update.tmp to <Current directory>\╠В·╓∙3.1.exe
- <Current directory>\soft.dll
- <Current directory>\ëµã÷êé.txt
- 'tx##min.top':1000
- 'tx##min.top':100
- http://www.tx###in.top:100/app/static/2022-09-18/3c33f6f8-8bcf-48eb-b75e-30434c5fc03a.exe via tx##min.top
- http://www.tx####n.top:1000/robot.client.init via tx##min.top
- http://www.tx####n.top:1000/robot.client.selectSoftware via tx##min.top
- http://www.tx####n.top:1000/robot.client.getSoftwareFileInfo via tx##min.top
- DNS ASK tx##min.top
- '<Current directory>\╠В·╓∙3.1.exe'
- '%WINDIR%\syswow64\cmd.exe' /c <Current directory>\update.bat' (with hidden window)
- '%WINDIR%\syswow64\notepad.exe' <Current directory>\˵Ã÷Êé.txt
- '%WINDIR%\syswow64\cmd.exe' /c <Current directory>\update.bat
- '%WINDIR%\syswow64\ping.exe' localhost
- '%WINDIR%\syswow64\choice.exe' /t 0.00001 /d y /n
- '%WINDIR%\syswow64\cacls.exe' ╠В·╓∙3.1.exe /e /p everyone:f