Technical Information
- <Full path to virus> (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\xiaoniu[1].dll
- <Full path to virus>
- <Full path to virus>
- from %TEMP%\<Virus name>.exe1 to <Full path to virus>
- from <Full path to virus> to %TEMP%\<Virus name>.exe1
- 'v.##o63.com':80
- 'localhost':1035
- v.##o63.com/xiaoniu.dll
- DNS ASK v.##o63.com