Technical Information
- <Full path to virus> (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\xiaoniu[1].dll
- <Full path to virus>
- <Full path to virus>
- %TEMP%\<Virus name>.exe.lj
- from %TEMP%\<Virus name>.exe1 to <Full path to virus>
- from <Full path to virus> to %TEMP%\<Virus name>.exe1
- 'v.##o63.com':80
- 'localhost':1034
- v.##o63.com/xiaoniu.dll
- DNS ASK v.##o63.com
- ClassName: 'Shell_TrayWnd' WindowName: ''