Technical Information
- %TEMP%\d3439ec91aa748a68ef2d6dfa856f66b\libmp3lame.64.dll
- %LOCALAPPDATA%\skinsoft\visualstyler\2.4.59444.6\x64\ssapihook.dll
- %APPDATA%\microsoft\windows\templates\visualplus themes\defaulttheme.xml
- %LOCALAPPDATA%\bitrat\<File name>.exe_url_n1al0fwbkzfbuvk35nwleo02cynddt3l\1.0.0.0\3iq1vhar.newcfg
- from %LOCALAPPDATA%\bitrat\<File name>.exe_url_n1al0fwbkzfbuvk35nwleo02cynddt3l\1.0.0.0\3iq1vhar.newcfg to %LOCALAPPDATA%\bitrat\<File name>.exe_url_n1al0fwbkzfbuvk35nwleo02cynddt3l\1.0.0.0\user.config
- 'localhost':32708
- DNS ASK ch.##ol.ntp.org
- 'ch.##ol.ntp.org':123
- '<SYSTEM32>\cmd.exe' /C net start w32time & w32tm /resync /force' (with hidden window)
- '<SYSTEM32>\cmd.exe' /C net start w32time & w32tm /resync /force
- '<SYSTEM32>\net.exe' start w32time
- '<SYSTEM32>\net1.exe' start w32time
- '<SYSTEM32>\w32tm.exe' /resync /force