Technical Information
- 'C:\laajlagehc.exe'
- 'C:\laajlagehc.exe' (downloaded from the Internet)
- '<SYSTEM32>\ntvdm.exe' -f -i1
- C:\kuyouxi.exe
- C:\qqpcmgr_v10.11.16588.235_72904_Silence.exe
- C:\BlueInstaller_bsftmq_24963_.exe
- C:\laajlagehc.exe
- C:\BlueResource.bpk
- C:\install1148140.exe
- %WINDIR%\Temp\scs1.tmp
- <Current directory>\sa.exe
- %WINDIR%\Temp\scs2.tmp
- C:\V8._81529_20150723001226.exe
- C:\duba_94_17.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- 'www.ts###gjian.com':80
- 'zj##j.com':80
- 'localhost':1038
- http://zj##j.com/BlueInstaller_bsftmq_24963_.exe
- http://zj##j.com/kuyouxi.exe
- http://www.ts###gjian.com/feichang_110_17583.exe
- http://zj##j.com/BlueResource.bpk
- http://zj##j.com/V8._81529_20150723001226.exe
- http://zj##j.com/duba_94_17.exe
- http://zj##j.com/qqpcmgr_v10.11.16588.235_72904_Silence.exe
- http://zj##j.com/install1148140.exe
- DNS ASK www.ts###gjian.com
- DNS ASK zj##j.com
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-b50.b54.380001'