Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1400' = '00000000'
- %ProgramFiles(x86)%\xsopenvpnnew\skinh.dll
- %ProgramFiles(x86)%\xsopenvpnnew\aero.she
- 'ap#.##anshenjp.com':80
- 'pa#.##anshenjp.com':80
- 'be#.#uyanzhe.cn':80
- 'ba###.aliyun.com':80
- 'al##un.com':443
- 'microsoft.com':80
- http://ap#.##anshenjp.com/Api.asmx/gty
- http://ap#.##anshenjp.com/Api.asmx/gk
- http://ap#.##anshenjp.com/Api.asmx/gd
- 'al##un.com':443
- DNS ASK ap#.##anshenjp.com
- DNS ASK pa#.##anshenjp.com
- DNS ASK be#.#uyanzhe.cn
- DNS ASK ba###.aliyun.com
- DNS ASK al##un.com
- DNS ASK microsoft.com
- ClassName: 'wndclass_desked_gsk' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''