Technical Information
- %TEMP%\is-18sv9.tmp\<File name>.tmp
- %TEMP%\is-gmbqo.tmp\_isetup\_setup64.tmp
- <Current directory>\pdfreader2019\is-mjqhs.tmp
- <Current directory>\pdfreader2019\is-hbdur.tmp
- <Current directory>\pdfreader2019\unins000.dat
- %TEMP%\is-gmbqo.tmp\_isetup\_setup64.tmp
- %TEMP%\is-18sv9.tmp\<File name>.tmp
- from <Current directory>\pdfreader2019\is-mjqhs.tmp to <Current directory>\pdfreader2019\unins000.exe
- from <Current directory>\pdfreader2019\is-hbdur.tmp to <Current directory>\pdfreader2019\ytbticket2020.exe
- http://www.ip##de.pw/
- DNS ASK ip##de.pw
- '%TEMP%\is-18sv9.tmp\<File name>.tmp' /SL5="$5023C,1210065,752640,<Full path to file>"
- '<Current directory>\pdfreader2019\ytbticket2020.exe'