Technical Information
- <SYSTEM32>\tasks\waifang
- C:\users\public\pictures\dpay.doc
- C:\users\public\pictures\nw.exe
- C:\users\public\pictures\nw_elf.dll
- %LOCALAPPDATA%\crashpad\settings.dat
- C:\waifang.ini
- C:\users\public\pictures\~$dpay.doc
- C:\users\public\pictures\nw_elf.dll
- C:\users\public\pictures\nw.exe
- C:\waifang.ini
- '45.##2.152.229':2229
- 'C:\users\public\pictures\nw.exe'
- 'C:\users\public\pictures\nw.exe' --type=crashpad-handler /prefetch:7 --no-rate-limit --database=%LOCALAPPDATA%\Crashpad --annotation=channel= --annotation=plat=Win32 --annotation=prod=shaozi --annotation=ver=-devel --handshake...
- '%ProgramFiles%\microsoft office\office14\winword.exe' /n "C:\Users\Public\Pictures\dpay.doc"