Technical Information
- %TEMP%\Жр·ІИ«Нј№Т_.exe
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.11##u.com/?2x###
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://12#.##kankan.com/index2.html
- <SYSTEM32>\cmd.exe /c ""%TEMP%\Жр·ІИ«Нј№Т_.bat" "
- %TEMP%\Жр·ІИ«Нј№Т_.bat
- %TEMP%\Жр·ІИ«Нј№Т_.exe
- %TEMP%\Жр·ІИ«Нј№Т_.exe
- 'localhost':1038
- 'localhost':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''