Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\Test.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ys-b.ys168[1].exe_50c2bsm0d6e4bkksm0cqhs4bktl0cqmpqh5bs4bktllhu01f20f01z
- <SYSTEM32>\DS2.bat
- <SYSTEM32>\DS1.ico
- <SYSTEM32>\DS2.bat
- <SYSTEM32>\DS1.ico
- <SYSTEM32>\cmd.exe
- 'ys##.ys168.com':80
- 'localhost':1037
- ys##.ys168.com/?ds############################################################
- DNS ASK ys##.ys168.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'