Technical Information
- %APPDATA%\update\setup_114fa_2.exe (downloaded from the Internet)
- %APPDATA%\update\window4.tmp (downloaded from the Internet)
- %APPDATA%\update\jpdesk_3004_Setup.exe (downloaded from the Internet)
- %APPDATA%\update\bibibei_feifan.exe (downloaded from the Internet)
- %APPDATA%\update\window3.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\setup_114fa_2[1].exe
- %APPDATA%\update\window4.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\d2.xiazhai8[1]
- %APPDATA%\update\window1.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\jpdesk_3004_Setup[1].exe
- %APPDATA%\update\window2.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\bibibei_feifan[1].exe
- 'bi#####.s3.amazonaws.com':80
- 'd2.##azhai8.net':80
- 'localhost':1036
- 'd1.##wnxia.net':80
- d1.##wnxia.net/downloader/setup_114fa_2.exe
- d2.##azhai8.net/?id#############
- d1.##wnxia.net/jpdesk/20101104/jpdesk_3004_Setup.exe
- bi#####.s3.amazonaws.com/bibibei_feifan.exe
- DNS ASK bi#####.s3.amazonaws.com
- DNS ASK d2.##azhai8.net
- DNS ASK d1.##wnxia.net
- '<Private IP address>':1037