Technical Information
- %TEMP%\~1.tmp (downloaded from the Internet)
- <SYSTEM32>\ping.exe 127.0.0.1 -n 10
- %TEMP%\~1.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\temp[1].bin
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\yingzi.org[1]
- '22#.#86.31.101':80
- 'localhost':1037
- 'www.yi###i.org.cn':80
- 22#.#86.31.101/NewSystem/exe/temp.bin
- www.yi###i.org.cn/
- DNS ASK www.yi###i.org.cn
- '<Private IP address>':1035