Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'xcc93' = '<Full path to file>'
- User Account Control (UAC)
- DNS server to '47.111.223.3'
- DNS server to '114.114.114.114'
- 'ba##u.com':80
- DNS ASK ba##u.com
- DNS ASK dn#.#e99l.cn
- DNS ASK pa#.#e99l.cn