Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\QQЈє306189440] 'ImagePath' = '<Current directory>\jinfuhide.dat'
- NtQuerySystemInformation, handler: jinfuhide.dat
- <Full path to file>
- <Current directory>\jinfuhide.dat
- <Current directory>\Hook.dll
- <Current directory>\jinfuhide.dat
- <Current directory>\Hook.dll
- <Current directory>\jinfuhide.dat
- ClassName: 'Shell_TrayWnd' WindowName: ''