Technical Information
- %CommonProgramFiles%\RavStub.bbb (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\oRun[1].exe
- %CommonProgramFiles%\RavStub.bbb
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\count[1].asp
- %CommonProgramFiles%\sa.txt
- 'sc####.sudacc.com':80
- 'xx#.#aihec.cn':80
- 'localhost':1036
- sc####.sudacc.com/x0606/game032/oRun.exe
- xx#.#aihec.cn/count.asp?id########
- DNS ASK sc####.sudacc.com
- DNS ASK xx#.#aihec.cn