Technical Information
- '' (downloaded from the Internet)
- '<SYSTEM32>\taskkill.exe' /f /im "<File name>.exe"
- <SYSTEM32>tmp.ini
- <Current directory>\temp\update.exe
- <Current directory>\_deleteme.bat
- <Full path to file>
- <SYSTEM32>tmp.ini
- <Current directory>\temp\update.exe
- <Full path to file>
- '00##j.cn':80
- http://www.00##j.cn/xdd/Update.ini via 00##j.cn
- http://www.00##j.cn/xdd/xdd.exe via 00##j.cn
- DNS ASK www.00##j.cn
- ClassName: '' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c <Current directory>\_deleteme.bat
- '<SYSTEM32>\ping.exe' 127.1 -n 2