Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'LiuLiangZB' = '"<Full path to file>" /autorun'
- <Current directory>\Config.ini
- 'www.43#5.cc':80
- '66##.#ojingjia.com':80
- 'up###d.6299.cc':80
- 'localhost':1038
- http://www.43#5.cc/rj/flowtips.html
- http://up###d.6299.cc/gj/ver.txt
- http://66##.#ojingjia.com/ClientAPI/flowtaskAPIV1.aspx?ra############
- DNS ASK 66##.#ojingjia.com
- DNS ASK www.43#5.cc
- DNS ASK up###d.6299.cc
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''