Technical Information
- %WINDIR%\syswow64\yyxieyi\»ò»òî¨ò»qq£º945705179.key
- %WINDIR%\syswow64\yyxieyi\»ò»ò뢻¨ðВГІГ©0152.exe
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012023122620231227\index.dat
- <DRIVERS>\etc\hosts
- 'a1#####880.ys168.com':80
- http://a1#####880.ys168.com/
- DNS ASK a1#####880.ys168.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- '%WINDIR%\syswow64\yyxieyi\»ò»ò뢻¨ðВГІГ©0152.exe'
- '%WINDIR%\syswow64\cmd.exe' /c netsh interface ip set dns name="В±ВѕВµГÁ¬½Ó" source=static addr=218.5.5.17 register=PRIMARY' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c netsh interface ip set dns name="В±ВѕВµГÁ¬½Ó" source=static addr=218.5.5.17 register=PRIMARY
- '%WINDIR%\syswow64\netsh.exe' interface ip set dns name="В±ВѕВµГÁ¬½Ó" source=static addr=218.5.5.17 register=PRIMARY