Technical Information
- [<HKLM>\Software\Classes\xfopen\shell\open\command] '' = '"<Current directory>\downlink.exe" "%1"'
- http://up#.###nfengplayer.com/up.txt
- http://up#.###.xuanfengplayer.com/up.txt
- http://up#.###nfengplayer.com/config.ini
- DNS ASK up#.###nfengplayer.com
- DNS ASK up#.###.xuanfengplayer.com
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "<Full path to file>"