Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SQ Platform' = '%TEMP%\services_1004.exe ?(?3?)? ?,??????'
- %TEMP%\services_1004.exe
- %TEMP%\·гмбЎ¤ЎоЎп-·гТ¶_±©З№УўРЫДЪЗ¶ґ°їЪ.exe
- %HOMEPATH%\Desktop\Лж±гїґїґ.lnk
- 'ke##pan.com':80
- 'k.###udown.com':5555
- 'any':5555
- 'k4.##kudown.com':5555
- 'k5.##kudown.com':5555
- http://www.ke##pan.com/space_fenghuo_5723.html via ke##pan.com
- DNS ASK www.ke##pan.com
- DNS ASK k.###udown.com
- DNS ASK pa#.#aidu.com
- DNS ASK k1.##kudown.com
- DNS ASK k2.##kudown.com
- DNS ASK k3.##kudown.com
- DNS ASK k4.##kudown.com
- DNS ASK k5.##kudown.com
- '%TEMP%\services_1004.exe'
- '%TEMP%\·гмбЎ¤ЎоЎп-·гТ¶_±©З№УўРЫДЪЗ¶ґ°їЪ.exe'