Technical Information
- 'C:\ksbinstaller_s_66_77890.exe'
- 'C:\KAVSETUPS_66_107233.exe'
- 'C:\ksbinstaller_s_66_77890.exe' (downloaded from the Internet)
- 'C:\KAVSETUPS_66_107233.exe' (downloaded from the Internet)
- '<SYSTEM32>\wscript.exe' "%TEMP%\1.tmp\123.VBS"
- '<SYSTEM32>\ping.exe' -n 3 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\setup.bat" "
- C:\KAVSETUPS_66_107233.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ksbinstaller_s_66_77890[1].exe
- C:\ksbinstaller_s_66_77890.exe
- %TEMP%\1.tmp\setup.bat
- %TEMP%\1.tmp\123.VBS
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\KAVSETUPS_66_107233[1].exe
- %TEMP%\1.tmp\setup.bat
- 'd.#####.ijinshan.com':80
- 'localhost':1036
- d.#####.ijinshan.com/liebao/link/ksbinstaller_s_66_77890.exe
- d.#####.ijinshan.com/duba/link/KAVSETUPS_66_107233.exe
- DNS ASK d.#####.ijinshan.com