Technical Information
- hidden files
- D:\nnc
- D:\soeen\config.ini
- 'u.#.qq.com':443
- '20##.ip138.com':443
- 'oc##.#igicert.cn':80
- 'ti##.soeen.top':80
- http://oc##.#igicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAL34fmCutAJr%2FR9yVdBsvY%3D
- http://oc##.#igicert.cn/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRc9osyRBU0ybHlZFuU293oOS1mlwQUBr2mm2B5UDG%2B1akCSqDQlVOLLzQCEAKqzFgaJ9oDsO6Sg7ohgeQ%3D
- http://ti##.soeen.top/Soeen/Strawberrynew.asp
- DNS ASK u.#.qq.com
- DNS ASK 20##.ip138.com
- DNS ASK oc##.#igicert.cn
- DNS ASK ti##.soeen.top
- ClassName: '' WindowName: 'RTSS.exe'
- ClassName: '' WindowName: 'RTSSHooksLoader64.exe'
- ClassName: '' WindowName: 'EncoderServer.exe'
- ClassName: '' WindowName: 'MSIAfterburner.exe'