Technical Information
- <Current directory>\m9zaw8qcpl.exe
- <Current directory>\config.ini
- from <Full path to file> to %TEMP%\m9zaw8qcpl\....\m9zaw8qcpl
- 'te##.##sthotel360.com':80
- 'ht##.##sthotel360.com':80
- http://te##.##sthotel360.com/001/puppet.Txt?11#####
- http://te##.##sthotel360.com/Data/sZj0dTOGRXqhesMMY2miyVoganMUidvtzlgFvMixQNBvpm9bQfD2RKY4lw19ETj01FomZ1McbNGVjixqMz0c1Ez0taGx4GYRxQcRPb2LQgU6tk6Yfrjxj1A32303231C4EA39D4C231C8D53136CAB13439B7D6...
- http://te##.##sthotel360.com/001/Tips.txt?11#####
- DNS ASK te##.##sthotel360.com
- DNS ASK ht##.##sthotel360.com
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'CrossFire' WindowName: ''
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns