Technical Information
- '%WINDIR%\syswow64\taskkill.exe' /f /im ¹ÌÇÇÊÓƵÖúÊÖ.exe
- <Current directory>\set.ini
- <Current directory>\ìáê¾òô.mp3
- <Current directory>\×ô¶¯éý¼¶.exe
- <Current directory>\gqvideo.zip
- <Current directory>\¹ìççêóæµöúêö.exe
- <Current directory>\¹ìççêóæµöúêö¸üðâëµã÷.txt
- <Current directory>\gqvideo.zip
- http://d1##.#ykj988.com/d1kf_gqvideo/hmd.txt
- http://www.xm##68.com/soft/gqvideo.zip
- http://d1##.#ykj988.com/d1kf_gqvideo/new1.php?id########
- http://d1##.#ykj988.com/d1kf_gqvideo/new222new.php
- DNS ASK d1##.#ykj988.com
- DNS ASK xm##68.com
- ClassName: '' WindowName: ''
- '<Current directory>\×ô¶¯éý¼¶.exe'
- '%WINDIR%\syswow64\taskkill.exe' /f /im ¹ÌÇÇÊÓƵÖúÊÖ.exe' (with hidden window)