Technical Information
- %HOMEPATH%\start menu\programs\startup\<File name>.lnk
- %WINDIR%\tasks\bidaily synchronize task.job
- %ALLUSERSPROFILE%\application data\{3cf1a0a5-0574-1c6b-3cf1-1a0a50578294}\<File name>.exe
- %ALLUSERSPROFILE%\application data\{3cf1a0a5-0574-1c6b-3cf1-1a0a50578294}\<File name>.dat
- DNS ASK po####ve-models.com
- DNS ASK gu###liban.info