Technical Information
- YY.exe
- <Full path to file>{B04DE12C-87A4-432b-8718-24A7A40DB515}
- <Current directory>\RCX2.tmp
- <Current directory>\YY.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\yyroom[1].txt
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\U98D4X8H\yyroom1[1].txt
- <Current directory>\YY.exe
- <Full path to file>{B04DE12C-87A4-432b-8718-24A7A40DB515}
- from <Full path to file> to %TEMP%\_@1.tmp
- <Full path to file>{B04DE12C-87A4-432b-8718-24A7A40DB515}
- <Full path to file>
- 'yy##l.com':80
- 'pi##iuwu.cn':80
- http://yy##l.com/yyroom.txt
- http://pi##iuwu.cn/yyroom1.txt
- DNS ASK yy##l.com
- DNS ASK pi##iuwu.cn
- '<Current directory>\YY.exe'