Technical Information
- [<HKLM>\System\CurrentControlSet\Services\qiongLd] 'ImagePath' = '%TEMP%\qiongLd'
- %TEMP%\qiongld
- <Current directory>\ôà ¹æâà ½ï°ä¼·\ôèáùù¿æð³¶.lnk
- %TEMP%\qiongld
- from <Full path to file> to %TEMP%\qiong\1042890\....\temporaryfile
- http://www.ze##iu.net/
- http://st#####.##gitalcertvalidation.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRJrF0xYA49jC3D83fgDGesaUkzIQQUf9OZ86BHDjEAVlYijrfMnt3KAYoCEAUKyzzvVNyFb9%2BAAyjIgVk%3D
- DNS ASK ze##iu.net
- DNS ASK st#####.##gitalcertvalidation.com
- DNS ASK zz.##static.com
- DNS ASK sp#.#aidu.com
- ClassName: '' WindowName: 'Microsoft Internet Explorer'
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''