Technical Information
- <SYSTEM32>\dsound.dll with <SYSTEM32>\dsound.dll.dat
- <SYSTEM32>\dllcache\dsound.dll with <SYSTEM32>\dllcache\dsound.dll
- %TEMP%\Temp\server.exe
- %TEMP%\Temp\2-26.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\tempVidio.bat" "
- %TEMP%\tempVidio.bat
- <SYSTEM32>\dsound.dll.dat
- %HOMEPATH%\Favorites\Нв№ТЧч·»ЧКФґХѕ [42724920.ys168.com].url
- %HOMEPATH%\Favorites\Нв№ТЧч·»№Щ·ЅХѕ [www.zuowg.com].url
- %TEMP%\Temp\server.exe
- %TEMP%\Temp\2-26.exe
- %CommonProgramFiles%\System\kb542944.dla
- %TEMP%\kb542944.sve
- %CommonProgramFiles%\System\kb542944.dla
- %TEMP%\Temp\server.exe
- from <SYSTEM32>\dllcache\dsound.dll to <SYSTEM32>\dllcache\dsound.dll.FBRS
- from <SYSTEM32>\dsound.dll to <SYSTEM32>\dsound.dll.FBRS
- ClassName: 'Shell_TrayWnd' WindowName: ''