Technical Information
- '%TEMP%\KuWo_Update\kuwo_jm49.exe'
- '%TEMP%\KuWo_Update\kuwo_jm49.exe' (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kuwo_jm49[1].exe
- %TEMP%\KuWo_Update\kuwo_jm49.exe
- %TEMP%\nsq3.tmp\inetc.dll
- %TEMP%\nsb2.tmp
- %TEMP%\nsq3.tmp\System.dll
- %TEMP%\nsq3.tmp\System.dll
- %TEMP%\nsq3.tmp\inetc.dll
- %TEMP%\KuWo_Update\kuwo_jm49.exe
- 'do##.kuwo.cn':80
- do##.kuwo.cn/mbox/kuwo_jm49.exe
- DNS ASK do##.kuwo.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'