Technical Information
- <LS_APPDATA>\coopen_setup_45564.exe
- %APPDATA%\JjlDownLoader\0CloudEx_onlinesetup.exe
- <LS_APPDATA>\In.exe "http://do######.setup.xinruicn.com/install/inc.exe"
- %APPDATA%\JjlDownLoader\0CloudEx_onlinesetup.exe (downloaded from the Internet)
- %TEMP%\nsp4.tmp\System.dll
- %TEMP%\nsz3.tmp
- %APPDATA%\JjlDownLoader\0CloudEx_onlinesetup.exe
- %TEMP%\nsp4.tmp\modern-wizard.bmp
- %TEMP%\nsp4.tmp\ioSpecial.ini
- C:\CCPMachineInfo.dll
- <LS_APPDATA>\In.exe
- <LS_APPDATA>\coopen_setup_45564.exe
- %TEMP%\~1.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\inc[1].exe
- <LS_APPDATA>\Setup.exe
- <LS_APPDATA>\kws.ini
- %TEMP%\~1.bat
- %APPDATA%\JjlDownLoader\0CloudEx_onlinesetup.exe
- 'do######.setup.xinruicn.com':80
- 'localhost':1035
- do######.setup.xinruicn.com/install/inc.exe
- DNS ASK do######.setup.xinruicn.com
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''