Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\hy5.5] 'ImagePath' = '%TEMP%\BKjHx5q.sys'
- NtOpenProcess, handler: BKjHx5q.sys
- %TEMP%\BKjHx5q.sys
- <Current directory>\GameOverlayUI.dll
- %TEMP%\BKjHx5q.sys
- %TEMP%\BKjHx5q.sys
- DNS ASK cn.##p.org.cn
- 'ti##.#indows.com':123
- 'localhost':1038
- 'cn.##p.org.cn':123
- 'localhost':1037