Technical Information
- YY.exe
- <Full path to file>{6B05C981-710E-4472-87A7-BD5A80A4013A}
- <Current directory>\RCX2.tmp
- <Current directory>\YY.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\yyroom[1].txt
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\U98D4X8H\yyroom1[1].txt
- <Current directory>\YY.exe
- <Full path to file>{6B05C981-710E-4472-87A7-BD5A80A4013A}
- from <Full path to file> to %TEMP%\_@1.tmp
- <Full path to file>{6B05C981-710E-4472-87A7-BD5A80A4013A}
- <Full path to file>
- 'yy##l.com':80
- 'pi##iuwu.cn':80
- http://yy##l.com/yyroom.txt
- http://pi##iuwu.cn/yyroom1.txt
- DNS ASK yy##l.com
- DNS ASK pi##iuwu.cn
- '<Current directory>\YY.exe'