Technical Information
- %WINDIR%\syswow64\svchost.exe
- %TEMP%\lingguang615.exe
- %TEMP%\lingguang615.exe
- '12#.#31.10.132':32002
- 'localhost':49175
- 'localhost':31668
- '12#.#31.10.132':32003
- '%TEMP%\lingguang615.exe'
- '%TEMP%\lingguang615.exe' ' (with hidden window)
- '%WINDIR%\syswow64\explorer.exe' %TEMP%\LingGuang615.exe
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "%TEMP%\lingguang615.exe"
- '%WINDIR%\syswow64\svchost.exe' 31668