Technical Information
- C:\hid.dll
- %LOCALAPPDATA%\steamactive\hex.txt
- C:\hid.dll
- 'st######.####accelerate-overseas.aliyuncs.com':80
- http://st######.####accelerate-overseas.aliyuncs.com/dwf/NH
- http://st######.####accelerate-overseas.aliyuncs.com/dwf/hex.txt
- DNS ASK st######.####accelerate-overseas.aliyuncs.com
- '<SYSTEM32>\cmd.exe' /c \steam.exe' (with hidden window)
- '<SYSTEM32>\cmd.exe' /c \steam.exe