Technical Information
- '<SYSTEM32>\taskkill.exe' /F /T /IM EYAppClient.exe
- '<SYSTEM32>\taskkill.exe' /F /T /IM Polestar.exe
- '<SYSTEM32>\taskkill.exe' /F /T /IM Zhanba.exe
- '<SYSTEM32>\taskkill.exe' /F /T /IM GameDataManager.exe
- %TEMP%\aut1.tmp
- %HOMEPATH%\Desktop\好.123.exe
- %TEMP%\aut2.tmp
- %WINDIR%\BootPC.bat
- %TEMP%\aut3.tmp
- %WINDIR%\services.exe
- %TEMP%\aut4.tmp
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\server[1].txt
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut3.tmp
- %TEMP%\aut4.tmp
- 'li##.#dkuai8.com':80
- http://li##.#dkuai8.com/server/client/server.txt
- DNS ASK ud#.#dkuai8.com
- DNS ASK li##.#dkuai8.com
- ClassName: '' WindowName: ''
- '%WINDIR%\services.exe'
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\BootPC.bat