Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'GuaZhuan' = '"<Full path to file>" -autorun '
- %APPDATA%\LSinglePro\log.txt
- %APPDATA%\LSinglePro\TFExecuter4\cfg.ini
- %APPDATA%\LSinglePro\cfg.ini
- 'ap#.#ap1000.com':8011
- 'ap#.##uliangbao.cn':80
- DNS ASK ap#.#ap1000.com
- DNS ASK ap#.##uliangbao.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''