Technical Information
- iyeggfyo.exe
- <SYSTEM32>\iyeggfyo.exe
- %TEMP%\qrjatydimo.tmp
- %TEMP%\fugclqurclqe.tmp
- %APPDATA%\microsoft\hkohogfqlm\2b9f1632
- %TEMP%\cdrhvqsuwbvntm.tmp
- %APPDATA%\microsoft\hkohogfqlm\2b9f1a1a
- %TEMP%\ryktdlwixoqlds.tmp
- <SYSTEM32>\2b9ed3cb
- %TEMP%\qrjatydimo.tmp
- %TEMP%\fugclqurclqe.tmp
- %TEMP%\cdrhvqsuwbvntm.tmp
- %TEMP%\ryktdlwixoqlds.tmp
- '16#.com':80
- http://ve#.##tgshzs.com/Version.ini
- http://cf#.###sensujiao.com/Config.ini
- http://co##.#ihaihong.com/Hsvt.dat
- http://co##.#ihaihong.com/Hds.dat
- http://ip.##.126.net/ipquery
- http://co##.####ingwanchao.com:9804/supp.aspx?t=#################################################################################################################################################...
- DNS ASK 16#.com
- DNS ASK ve#.##tgshzs.com
- DNS ASK cf#.###sensujiao.com
- DNS ASK co##.#ihaihong.com
- DNS ASK ip.##.126.net
- DNS ASK co##.##ijingwanchao.com
- '<SYSTEM32>\iyeggfyo.exe'