Technical Information
- %WINDIR%\bmw\uu.bat
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\277459282201781071641573[1]
- %WINDIR%\3.txt
- %WINDIR%\bmw\main.bat
- %WINDIR%\bmw\op.vbs
- %WINDIR%\bmw\pp.vbs
- %WINDIR%\bmw\op.bat
- 'sh#######ngxiong.blog.163.com':80
- 'localhost':1035
- http://sh#######ngxiong.blog.163.com/blog/static/277459282201781071641573/
- DNS ASK sh#######ngxiong.blog.163.com
- ClassName: 'EDIT' WindowName: ''
- '<SYSTEM32>\wscript.exe' "%WINDIR%\bmw\op.vbs"
- '<SYSTEM32>\wscript.exe' "%WINDIR%\bmw\pp.vbs"
- '<SYSTEM32>\ping.exe' -n 2 127.0.1
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\bmw\main.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\bmw\op.bat" "