Technical Information
- <Current directory>\duy1jpmcm.exe
- <Current directory>\config.ini
- from <Full path to file> to %TEMP%\duy1jpmcm\....\duy1jpmcm
- 'be####tel360.com':1219
- 'te##.##sthotel360.com':80
- 'ht##.##sthotel360.com':80
- http://www.be#####el360.com:1219/001/puppet.Txt?11##### via be####tel360.com
- http://te##.##sthotel360.com/Data/5ones7jjenqs3jeqofoaajq3iic5vclyosii3lsscaoyisccj3s7ic7af3jeanfynsvio3a57nfsajijisinclcneslc3jy3fovaeqos73ne3c32303231C4EA38D4C23331C8D53139CAB13139B7D63135C3E...
- http://te##.##sthotel360.com/001/Tips.txt?11#####
- DNS ASK be####tel360.com
- DNS ASK te##.##sthotel360.com
- DNS ASK ht##.##sthotel360.com
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'CrossFire' WindowName: ''
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns