Technical Information
- '%TEMP%\t10019.exe'
- '%TEMP%\80326_al.exe'
- '%TEMP%\00a8.exe'
- '%TEMP%\482f.exe'
- '%TEMP%\t10019.exe' (downloaded from the Internet)
- '%TEMP%\80326_al.exe' (downloaded from the Internet)
- '%TEMP%\482f.exe' (downloaded from the Internet)
- '%TEMP%\00a8.exe' (downloaded from the Internet)
- %TEMP%\80326_al.exe
- %TEMP%\t10019.exe
- %TEMP%\482f.exe
- %TEMP%\00a8.exe
- 'www.sj##.com':80
- '11#.#47.137.91':85
- 'www.ry##o.com':80
- '61.##0.146.102':85
- www.ry##o.com/myfile/2227921967/Pack/80326_al.jpg
- www.sj##.com/hezi/jm/t10019.exe
- www.ry##o.com/myfile/2227921967/Pack/5.jpg
- www.ry##o.com/myfile/2227921967/Pack/taobaoshua1.jpg
- DNS ASK www.sj##.com
- DNS ASK www.ry##o.com