Technical Information
- <Current directory>\08895.exe
- %WINDIR%\syswow64\delsexe.vbs
- <Current directory>\update.temp
- <Current directory>\myskin10.19.1_00.exe
- %WINDIR%\syswow64\delmexe.vbs
- %WINDIR%\syswow64\delsexe.vbs
- %WINDIR%\syswow64\delmexe.vbs
- %WINDIR%\syswow64\delsexe.vbs
- <Current directory>\update.temp
- <Current directory>\08895.exe
- %WINDIR%\syswow64\delmexe.vbs
- http://we#.#ago.club/myCheck/version.html
- http://sk#######.#ss-cn-shenzhen.aliyuncs.com/hkd/MySkin
- http://we#.#ago.club/myCheck/updateInfo.php
- DNS ASK we#.#ago.club
- DNS ASK sk#######.#ss-cn-shenzhen.aliyuncs.com
- '<Current directory>\08895.exe' yes
- '%WINDIR%\syswow64\wscript.exe' "<SYSTEM32>\delSexe.vbs"
- '%WINDIR%\syswow64\wscript.exe' "<SYSTEM32>\delMexe.vbs"