Technical Information
- 'C:\kpjzKAVSETUPS_66_83580.exe'
- 'C:\ksbinstaller_s_66_59329.exe'
- 'C:\kpjzKAVSETUPS_66_83580.exe' (downloaded from the Internet)
- 'C:\ksbinstaller_s_66_59329.exe' (downloaded from the Internet)
- '<SYSTEM32>\wscript.exe' "<Current directory>\jm.vbs"
- '<SYSTEM32>\ping.exe' -n 3 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\setup.bat" "
- C:\ksbinstaller_s_66_59329.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\kpjzKAVSETUPS_66_83580[1].exe
- C:\kpjzKAVSETUPS_66_83580.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ksbinstaller_s_66_59329[1].exe
- %TEMP%\1.tmp\setup.bat
- <Current directory>\jm.vbs
- <Current directory>\setup.bat
- %TEMP%\1.tmp\setup.bat
- 'd.#####.ijinshan.com':80
- 'localhost':1037
- d.#####.ijinshan.com/duba/link/kpjzKAVSETUPS_66_83580.exe
- d.#####.ijinshan.com/liebao/link/ksbinstaller_s_66_59329.exe
- DNS ASK d.#####.ijinshan.com