Technical Information
- <Current directory>\9pekpwkpc0d8.exe
- <Current directory>\config.ini
- from <Full path to file> to %TEMP%\9pekpwkpc0d8\....\9pekpwkpc0d8
- 'te##.##sthotel360.com':80
- 'ht##.##sthotel360.com':80
- http://te##.##sthotel360.com/Data/1iA4lAYpAp8Ha2lFE3jKCSM6a4N6D2s6uha5qKfVM82UpJ0VnfcUl62Ngp8FXnmeqdpfBq6DJXMCX8BWR0xqNjzPwqdv0mcRW09u15jf832303231C4EA38D4C23238C8D53135CAB13435B7D63536C3EB.txt...
- http://te##.##sthotel360.com/001/Tips.txt?10#####
- http://ht##.##sthotel360.com/HttpApiGb.ashx?ac#################
- DNS ASK te##.##sthotel360.com
- DNS ASK ht##.##sthotel360.com
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'CrossFire' WindowName: ''
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns