Technical Information
- %WINDIR%\syswow64\dpapimig.exe
- C:\gff6gfg6g.ini
- <Current directory>\config.ini
- <Current directory>\post
- <Current directory>\int[2.8].exe
- C:\gff6gfg6g.ini
- <Current directory>\post
- <Current directory>\int[2.8].exe
- <Current directory>\post
- <Current directory>\int[2.8].exe
- http://lo###.#h1949.com:1214/File3/Tips.txt via lo###.ch1949.com
- http://lo###.#h1949.com:1214/3.exe via lo###.ch1949.com
- DNS ASK lo###.ch1949.com
- '%WINDIR%\syswow64\dpapimig.exe'