Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '360SAVETASK' = '<SYSTEM32>\360SaveTask.exe'
- <SYSTEM32>\360SaveTask.exe
- <SYSTEM32>\360SaveTask.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\fw[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ym[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\fp[1].jpg
- %HOMEPATH%\Desktop\Internet Explorer.url
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\fw[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ym[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\fp[1].jpg
- 'u.###255.com':80
- u.###255.com/image/fw.jpg
- u.###255.com/image/ym.jpg
- u.###255.com/image/fp.jpg
- DNS ASK u.###255.com
- '<Private IP address>':1035
- ClassName: '' WindowName: ''