Technical Information
- '%TEMP%\new.exe'
- '%TEMP%\2.crack.exe'
- <SYSTEM32>\svchost.exe
- <DRIVERS>\Ywhpjvwt.sys
- <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6YQRA29M\ip[1].txt
- <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6YQRA29M\index[1].asp
- %TEMP%\2.crack.exe
- %TEMP%\new.exe
- <SYSTEM32>\Ywhpjvwt.d1l
- <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6YQRA29M\index[1].asp
- <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6YQRA29M\ip[1].txt
- '<Private IP address>':80
- 'www.00##.com.cn':80
- <Private IP address>/index.asp?50##########
- www.00##.com.cn/x/ip.txt
- DNS ASK www.00##.com.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'