Technical Information
- <SYSTEM32>\tasks\flash update 1
- %WINDIR%\temp\cabea09.tmp
- %WINDIR%\temp\tarea0a.tmp
- %TEMP%\dcb9fd.exe
- %WINDIR%\temp\cabea09.tmp
- %WINDIR%\temp\tarea0a.tmp
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK al#########.oss-cn-beijing.aliyuncs.com
- DNS ASK microsoft.com
- DNS ASK an#####play.alicdn.com
- '%TEMP%\dcb9fd.exe'
- '%TEMP%\dcb9fd.exe' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {8CC7AD99-F984-4428-B49C-3A6062B3ED51} S-1-5-21-1960123792-2022915161-3775307078-1001:domdeeuhu\user:Interactive:[1]