Technical Information
- [HKLM\System\CurrentControlSet\Services\ialdnwxf] 'ImagePath' = '<Current directory>\superec.ProcessMemory.sys'
- 'ialdnwxf' <Current directory>\\superec.ProcessMemory.sys
- 'ialdnwxf' <Current directory>\superec.ProcessMemory.sys
- <Current directory>\superec.processmemory.sys
- %WINDIR%\temp\udd163e.tmp
- %WINDIR%\temp\udd163e.tmp
- 'hi.##idu.com':80
- 'in####ow.baidu.com':443
- http://hi.##idu.com/pine_839750142/item/cdcf2043be6949b2823ae167
- 'hi.##idu.com':443
- DNS ASK hi.##idu.com
- DNS ASK in####ow.baidu.com