Technical Information
- C:\HaoLiao_haoliao401252_8871110.exe (downloaded from the Internet)
- %WINDIR%\explorer.exe
- C:\HaoLiao_haoliao401252_8871110.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\HaoLiao_haoliao401252_8871110[1].exe
- <Current directory>\debug.txt
- 'jh.#1lm.com':80
- 'localhost':1034
- jh.#1lm.com/jh/HaoLiao_haoliao401252_8871110.exe
- DNS ASK jh.#1lm.com
- '<Private IP address>':1035
- ClassName: 'CSCHiddenWindow' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'TWizardForm' WindowName: '???? - HaoLiao'
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: 'BaseBar' WindowName: 'ChanApp'
- ClassName: 'SysListView32' WindowName: ''