Technical Information
- 'ba##u.com':80
- 'ne###n.th51.com':80
- 'hu###omains.com':443
- 'ci.#h51.com':80
- 'mi###u.th51.com':80
- 'so####1.th51.com':80
- 'so####2.th51.com':80
- http://www.ba##u.com/
- http://ne###n.th51.com/chushihua/yinqingpt.txt
- http://ne###n.th51.com/xinyun/pt/mtkan.php?ur##
- http://ci.#h51.com/ping362.txt
- http://ci.#h51.com/xing362.txt
- http://ne###n.th51.com/go/bb.php
- http://he##.th51.com/?3.###
- http://so####1.th51.com/
- http://so####2.th51.com/
- http://mi###u.th51.com/
- 'hu###omains.com':443
- DNS ASK ba##u.com
- DNS ASK ne###n.th51.com
- DNS ASK hu###omains.com
- DNS ASK ci.#h51.com
- DNS ASK he##.th51.com
- DNS ASK so####2.th51.com
- DNS ASK so####1.th51.com
- DNS ASK mi###u.th51.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- '%WINDIR%\syswow64\regsvr32.exe' /s npmtkanpp.dll