Technical Information
- 'ht##q.com':80
- 'a.##sf.com':7000
- http://www.ht##q.com/bmd.txt
- 'a.##sf.com':7000
- DNS ASK ht##q.com
- DNS ASK a.##sf.com
- '%WINDIR%\syswow64\cmd.exe' /c del "<Current directory>\*jlkv.exe"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c del "<Current directory>\*.dll"' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c del "<Current directory>\*jlkv.exe"
- '%WINDIR%\syswow64\cmd.exe' /c del "<Current directory>\*.dll"