Technical Information
- C:\5see_b102_dasda.exe
- C:\5see_b102_dasda.exe (downloaded from the Internet)
- %WINDIR%\explorer.exe
- C:\5see_b102_dasda.exe
- <Current directory>\<Virus name>.txt
- 'd1.##36s.com':80
- d1.##36s.com/5see/5see_b102_dasda.exe
- DNS ASK d1.##36s.com
- '<Private IP address>':1037
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'CSCHiddenWindow' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: 'BaseBar' WindowName: 'ChanApp'
- ClassName: 'SysListView32' WindowName: ''