Technical Information
- %TEMP%\1441c6.tmp
- %TEMP%\1441ef.tmp
- %TEMP%\14420f.tmp
- %ProgramFiles%\steam\version.dll
- %ProgramFiles%\steam\version.dll
- %TEMP%\1441c6.tmp
- %TEMP%\1441ef.tmp
- %TEMP%\14420f.tmp
- %ProgramFiles%\steam\version.dll
- %ProgramFiles%\steam\version.dll
- from <Full path to file> to %TEMP%\1327669\...\temporaryfile
- http://43.###.186.95:90/exe.txt
- http://pv.#ohu.com/cityjson
- DNS ASK xu#.##login2.qq.com
- DNS ASK lo######t.ptlogin2.qq.com
- DNS ASK pv.#ohu.com