Technical Information
- %TEMP%\certmgr.exe
- %TEMP%\newca.cer
- %WINDIR%\syswow64\setie.bat
- C:\regset.ini
- '94##f.com':941
- http://www.94###.com:941/newCA.cer via 94##f.com
- http://www.94###.com:941/def.html via 94##f.com
- DNS ASK 94##f.com
- ClassName: '#32770' WindowName: '根证书存储'
- ClassName: '#32770' WindowName: '安全警告'
- ClassName: '#32770' WindowName: '安全性警告'
- '%TEMP%\certmgr.exe' -add "%TEMP%\\newCA.cer" -s -r currentUser trustedpublisher
- '%TEMP%\certmgr.exe' -add "%TEMP%\\newCA.cer" -s -r currentUser root
- '%TEMP%\certmgr.exe' -add "%TEMP%\\newCA.cer" -s -r currentUser trustedpublisher (with hidden window)
- '%TEMP%\certmgr.exe' -add "%TEMP%\\newCA.cer" -s -r currentUser root (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\setie.bat (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\setie.bat
- '%WINDIR%\syswow64\regini.exe' c:\regset.ini