Technical Information
- <SYSTEM32>\tasks\thunderliveupdate
- <SYSTEM32>\tasks\ñ¸à ׸üðâ·þîñ
- %ALLUSERSPROFILE%\setting.ini
- %ALLUSERSPROFILE%\thunder\liveupdate.exe
- %ALLUSERSPROFILE%\thunderupdate\liveupdate.exe
- %ALLUSERSPROFILE%\thunder\media.xml
- %ALLUSERSPROFILE%\thunder\liveupdate.dat
- %ALLUSERSPROFILE%\thunderupdate\liveupdate.dat
- %ALLUSERSPROFILE%\thunderupdate\media.xml
- %TEMP%\_ir_tu2_temp_0\_tuprojdt.dat
- %TEMP%\_ir_tu2_temp_1\_tuprojdt.dat
- 'my.###dajiema.info':80
- http://my.###dajiema.info/picturess/2023/1.119.txt
- http://my.###dajiema.info/picturess/2023/LiveUpdate.exe
- http://my.###dajiema.info/picturess/2023/Media.xml
- http://my.###dajiema.info/picturess/2023/LiveUpdate360.dat
- http://my.###dajiema.info/picturess/2023/RSD.xml
- DNS ASK my.###dajiema.info
- '%ALLUSERSPROFILE%\thunderupdate\liveupdate.exe'
- '%ALLUSERSPROFILE%\thunder\liveupdate.exe'
- '%ALLUSERSPROFILE%\thunder\liveupdate.exe' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {3B3E4367-BE83-4CD7-89AA-A87F74A3FC75} S-1-5-21-1960123792-2022915161-3775307078-1001:fsnizomldk\user:Interactive:[1]