Technical Information
- ClassName: 'Filemonclass' WindowName: ''
- ClassName: 'Regmonclass' WindowName: ''
- C:\kss.ini
- <SYSTEM32>\bgoNP.jpg
- <SYSTEM32>\qP7Oe.jpg
- <SYSTEM32>\bgoNP.jpg
- <SYSTEM32>\qP7Oe.jpg
- from <Current directory>\MC736.dat to <Full path to virus>
- from <Full path to virus> to <Current directory>\MC736.dat
- 'xx##.cszwg.com':80
- 'xx#.#szwg.com':80
- 'localhost':1037
- xx##.cszwg.com/kss_api/api.php?a=#########################################################
- xx#.#szwg.com/kss_api/api.php?a=##########################################################
- DNS ASK xx##.cszwg.com
- DNS ASK xx#.#szwg.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '18467-41' WindowName: ''
- ClassName: '4823-00000029' WindowName: ''