Technical Information
- %TEMP%\is-aue1l.tmp\<File name>.tmp
- %TEMP%\is-k974n.tmp\_isetup\_setup64.tmp
- %TEMP%\is-k974n.tmp\itdownload.dll
- %TEMP%\is-k974n.tmp\gcountry.dll
- %TEMP%\is-k974n.tmp\config.rar
- %TEMP%\is-k974n.tmp\unrar.exe
- %TEMP%\is-k974n.tmp\393.ini
- %TEMP%\is-k974n.tmp\393.txt
- %TEMP%\is-k974n.tmp\config.ini
- %TEMP%\is-k974n.tmp\8.ini
- %TEMP%\is-k974n.tmp\8.rtf
- %TEMP%\is-k974n.tmp\stub4_install.exe
- %TEMP%\is-k974n.tmp\stub_tmp.rar
- %TEMP%\is-k974n.tmp\stub4_install.exe
- %TEMP%\is-k974n.tmp\stub_tmp.rar
- %TEMP%\is-k974n.tmp\stub4_install.exe
- http://cd#.###ningsunsoft.com/offersCME_2D.rar
- http://ma##dn.ml/stub4_install.rar
- http://vt###smit.com/getip.php
- DNS ASK cd#.###ningsunsoft.com
- DNS ASK ma##dn.ml
- DNS ASK vt###smit.com
- '%TEMP%\is-aue1l.tmp\<File name>.tmp' /SL5="$D0210,351742,121344,<Full path to file>"
- '%TEMP%\is-k974n.tmp\unrar.exe' e -y config.rar
- '%TEMP%\is-k974n.tmp\unrar.exe' e -p123456 -y stub_tmp.rar
- '%TEMP%\is-k974n.tmp\unrar.exe' e -y config.rar' (with hidden window)
- '%TEMP%\is-k974n.tmp\unrar.exe' e -p123456 -y stub_tmp.rar' (with hidden window)