Technical Information
- [\REGISTRY\USER\S-1-5-21-1238866942-1249195528-555854008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1400' = '00000003'
- [\REGISTRY\USER\S-1-5-21-1238866942-1249195528-555854008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1C00' = '00000000'
- <Current directory>\账单.xlsx
- %ALLUSERSPROFILE%\microsoft\search\data\applications\windows\projects\systemindex\secstore\cist0000.000
- from <Full path to file> to C:\users\public\windows.url
- 'se############4d-1316554402.sh.apigw.tencentcs.com':80
- http://se############4d-1316554402.sh.apigw.tencentcs.com/user.js
- http://se############4d-1316554402.sh.apigw.tencentcs.com/admin/login
- DNS ASK se############4d-1316554402.sh.apigw.tencentcs.com
- '<SYSTEM32>\cmd.exe' " /c " <Current directory>\账单.xlsx' (with hidden window)
- '<SYSTEM32>\cmd.exe' " /c " <Current directory>\账单.xlsx
- '%ProgramFiles%\microsoft office\office14\excel.exe' /dde