Technical Information
- C:\1.exe
- C:\1.exe (downloaded from the Internet)
- <SYSTEM32>\net1.exe stop sharedaccess
- <SYSTEM32>\net.exe stop sharedaccess
- C:\1.exe
- 'sd##.#ishuju.com':80
- '<Private IP address>':5858
- sd##.#ishuju.com/???#########
- DNS ASK sd##.#ishuju.com
- '<Private IP address>':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''