Technical Information
- YY.exe
- <Full path to file>{D24C51E1-73C4-41ac-A0B9-EC966B811C0E}
- <Current directory>\RCX2.tmp
- <Current directory>\YY.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\yyroom[1].txt
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\U98D4X8H\yyroom1[1].txt
- <Current directory>\YY.exe
- <Full path to file>{D24C51E1-73C4-41ac-A0B9-EC966B811C0E}
- from <Full path to file> to %TEMP%\_@1.tmp
- <Full path to file>{D24C51E1-73C4-41ac-A0B9-EC966B811C0E}
- <Full path to file>
- 'yy##l.com':80
- 'pi##iuwu.cn':80
- http://yy##l.com/yyroom.txt
- http://pi##iuwu.cn/yyroom1.txt
- DNS ASK yy##l.com
- DNS ASK pi##iuwu.cn
- '<Current directory>\YY.exe'