Technical Information
- %WINDIR%\syswow64\diskraid.exe
- C:\g0flggfegff.ini
- <Current directory>\config.ini
- <Current directory>\post
- <Current directory>\int[2.8].exe
- C:\g0flggfegff.ini
- <Current directory>\post
- <Current directory>\int[2.8].exe
- <Current directory>\post
- <Current directory>\int[2.8].exe
- http://lo###.#h1949.com:1214/File3/Tips.txt via lo###.ch1949.com
- http://lo###.#h1949.com:1214/3.exe via lo###.ch1949.com
- DNS ASK lo###.ch1949.com
- '%WINDIR%\syswow64\diskraid.exe'