Technical Information
- C:\update.exe
- C:\update.exe
- from <Full path to virus> to <Current directory>\update30690.exe
- DNS ASK nu#.#icobao.com
- DNS ASK ge####o.micobao.com
- DNS ASK un#####ll.micobao.com
- DNS ASK mx#.qq.com
- DNS ASK dn#.#icobao.com
- DNS ASK sm##.163.com
- DNS ASK re#.163.com
- DNS ASK No####.micobao.com
- DNS ASK Al#######aptchaIp.micobao.com
- '<Private IP address>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''