Technical Information
- '<Current directory>\setup__1994.exe' /S /u http://www.am###nst.com/index.php
- '<Current directory>\lyricb.exe' /PID=233
- '<Current directory>\MixiYD.exe' /PID=233 /AFFID=121133 /TOOLBAR=1 /HOMEPAGE=1 /SEARCH=1
- '<Current directory>\lyricb.exe' (downloaded from the Internet)
- '<Current directory>\MixiYD.exe' (downloaded from the Internet)
- '<Current directory>\setup__1994.exe' (downloaded from the Internet)
- <Current directory>\setup__1994.exe
- <Current directory>\lyricb.exe
- <Current directory>\Cloud_Backup_Setup.exe
- %TEMP%\nsn2.tmp\System.dll
- %TEMP%\nsn2.tmp\registry.dll
- %TEMP%\nsn2.tmp\NSISdl.dll
- <Current directory>\MixiYD.exe
- <Current directory>\lyricb.exe
- <Current directory>\setup__1994.exe
- <Current directory>\MixiYD.exe
- 'af##########.s3-website-us-east-1.amazonaws.com':80
- 'www.am###nst.com':80
- 'cd#.##tbrowse.com':80
- cd#.##tbrowse.com/components/AddLyrics.exe
- af##########.s3-website-us-east-1.amazonaws.com/7d18921937d1c7829f41f6f6fe09b830/Cloud_Backup_Setup.exe
- cd#.##tbrowse.com/components/MixiYD.exe
- www.am###nst.com/download.php?ve#######################################
- DNS ASK af##########.s3-website-us-east-1.amazonaws.com
- DNS ASK www.am###nst.com
- DNS ASK cd#.##tbrowse.com