Technical Information
- <SYSTEM32>\tasks\yajietask
- <SYSTEM32>\tasks\yajietask2
- snapcrab.exe
- %WINDIR%\syswow64\log
- C:\hplo\snapcrab.exe
- %WINDIR%\en_util.dll
- C:\hplo\qqgame.exe
- C:\hplo\dat
- %WINDIR%\syswow64\log
- %WINDIR%\syswow64\log
- 'tg##888.com':367
- DNS ASK tg##888.com
- 'C:\hplo\qqgame.exe'
- 'C:\hplo\snapcrab.exe'
- 'C:\hplo\snapcrab.exe' ' (with hidden window)