Trojan.DownLoader36.18831

Technical Information

Modifies file system

Creates the following files

<Current directory>\ВёГјГ°ГўВ°Гј.7z
<Current directory>\script\自定义\[例] 等待队伍人数.lua
<Current directory>\script\自定义\[例] 等待到时间.lua
<Current directory>\script\数据\请勿修改这里的lua文件,到c盘私有设置修改.txt
<Current directory>\script\数据\科举.lua
<Current directory>\script\数据\坐标清剿九黎余孽.lua
<Current directory>\script\数据\坐标摆摊.lua
<Current directory>\script\数据\坐标天降奇兽.lua
<Current directory>\script\数据\坐标刷马.lua
<Current directory>\main
<Current directory>\data\符号.txt
<Current directory>\data\物品.ini
<Current directory>\data\模版\迷宫3号点.xml
<Current directory>\data\模版\迷宫2号点.xml
<Current directory>\data\模版\迷宫1号点.xml
<Current directory>\data\模版\秦皇地宫四层d点.xml
<Current directory>\data\模版\秦皇地宫四层c点.xml
<Current directory>\data\模版\秦皇地宫四层b点.xml
<Current directory>\data\模版\秦皇地宫四层boss点.xml
<Current directory>\data\模版\秦皇地宫四层a点.xml
<Current directory>\data\模版\秦皇地宫二层e点.xml
<Current directory>\data\模版\秦皇地宫二层d点.xml
<Current directory>\data\模版\秦皇地宫二层c点.xml
<Current directory>\data\模版\秦皇地宫二层b点.xml
<Current directory>\data\模版\秦皇地宫二层boss点.xml
<Current directory>\data\模版\秦皇地宫二层a点.xml
<Current directory>\data\模版\秦皇地宫三层d点.xml
<Current directory>\data\模版\秦皇地宫三层c点.xml
<Current directory>\data\模版\秦皇地宫三层b点.xml
<Current directory>\data\模版\秦皇地宫三层boss点.xml
<Current directory>\script\自定义\[自定义] 接口说明.lua
<Current directory>\script\自定义\仓库存钱.lua
<Current directory>\dfz.vmp.dll
<Current directory>\script\自定义\兑换元宝票.lua
<Current directory>\data\zydd.dll
<Current directory>\data\报警.wav
<Current directory>\点我运行.bat
<Current directory>\script\自定义\领取五行法帖.lua
<Current directory>\script\自定义\锦囊宝箱消化.lua
<Current directory>\script\自定义\许愿果换强化.lua
<Current directory>\script\自定义\虚空交任务.lua
<Current directory>\script\自定义\自动组队(例).lua
<Current directory>\script\自定义\窗口闪烁报警.lua
<Current directory>\script\自定义\离开藏经阁.lua
<Current directory>\script\自定义\波斯玫瑰换强化.lua
<Current directory>\script\自定义\每日签到.lua
<Current directory>\script\自定义\扫荡福地困难.lua
<Current directory>\script\自定义\扫荡福地.lua
<Current directory>\script\自定义\扫荡王陵.lua
<Current directory>\script\自定义\扫荡燕子.lua
<Current directory>\script\自定义\扫荡杀星.lua
<Current directory>\script\自定义\扫荡少室.lua
<Current directory>\script\自定义\扫荡小缥.lua
<Current directory>\script\自定义\扫荡大缥.lua
<Current directory>\script\自定义\扫荡四绝.lua
<Current directory>\script\自定义\扫荡兵圣困难.lua
<Current directory>\script\自定义\扫荡兵圣.lua
<Current directory>\script\自定义\扫荡三神.lua
<Current directory>\script\自定义\商会取钱.lua
<Current directory>\script\自定义\合成宝石(绑定).lua
<Current directory>\script\自定义\合成宝石(混合).lua
<Current directory>\script\自定义\合成宝石(不绑).lua
<Current directory>\script\自定义\古兰玉换宝石.lua
<Current directory>\data\模版\秦皇地宫三层a点.xml
<Current directory>\script\自定义\仓库取钱.lua
<Current directory>\data\模版\秦皇地宫一层c点.xml
<Current directory>\data\坐标\8级武夷.txt
<Current directory>\data\坐标\7级清源.txt
<Current directory>\data\坐标\6级苍山.txt
<Current directory>\data\坐标\5级龙泉.txt
<Current directory>\data\坐标\4级雁南.txt
<Current directory>\data\坐标\3级洱海.txt
<Current directory>\data\坐标\2级西湖.txt
<Current directory>\data\坐标\1级镜湖.txt
<Current directory>\data\坐标\1级无量山.txt
<Current directory>\data\坐标\1级敦煌.txt
<Current directory>\data\坐标\1级嵩山.txt
<Current directory>\data\坐标\1级太湖.txt
<Current directory>\data\坐标\1级剑阁.txt
<Current directory>\data\坐标\10级草原.txt
<Current directory>\data\坐标\10级盐湖.txt
<Current directory>\data\坐标\10级火焰山.txt
<Current directory>\data\坐标\10级梅岭.txt
<Current directory>\data\坐标\10级昆仑山.txt
<Current directory>\data\坐标\10级撒马尔罕.txt
<Current directory>\data\坐标\10级大宛.txt
<Current directory>\data\坐标\10级塔里木.txt
<Current directory>\data\坐标\10-9级银皑雪原.txt
<Current directory>\data\坐标\10-9级漠南青原.txt
<Current directory>\data\坐标\10-9级林海溪谷.txt
<Current directory>\data\坐标\10-9级忘川花海.txt
<Current directory>\data\坐标\10-9级天岐南淮.txt
<Current directory>\data\record2.dat
<Current directory>\data\record1.dat
<Current directory>\data\gameserver.txt
<Current directory>\data\default.ini
<Current directory>\data\坐标\7级雁北.txt
<Current directory>\data\坐标\9级石林.txt
<Current directory>\data\模版\秦皇地宫一层boss点.xml
<Current directory>\data\坐标\9级高昌.txt
<Current directory>\data\模版\秦皇地宫一层a点.xml
<Current directory>\data\模版\火焰谷3号点.xml
<Current directory>\data\模版\火焰谷2号点.xml
<Current directory>\data\模版\火焰谷1号点.xml
<Current directory>\data\模版\汗血岭4点.xml
<Current directory>\data\模版\汗血岭3点.xml
<Current directory>\data\模版\汗血岭2点.xml
<Current directory>\data\模版\汗血岭1点.xml
<Current directory>\data\模版\昆仑福地b点.xml
<Current directory>\data\模版\昆仑福地a点.xml
<Current directory>\data\模版\昆仑山b点.xml
<Current directory>\data\模版\昆仑山a点.xml
<Current directory>\data\模版\撒马尔罕e点.xml
<Current directory>\data\模版\撒马尔罕d点.xml
<Current directory>\data\模版\撒马尔罕c点.xml
<Current directory>\data\模版\撒马尔罕b点.xml
<Current directory>\data\模版\撒马尔罕a点.xml
<Current directory>\data\模版\塔克2号点.xml
<Current directory>\data\模版\塔克1号点.xml
<Current directory>\data\模版\圣火宫b点.xml
<Current directory>\data\模版\圣火宫a点.xml
<Current directory>\data\坐标\药材.ini
<Current directory>\data\坐标\矿物.ini
<Current directory>\data\坐标\昆吾В·漠南青原.txt
<Current directory>\data\坐标\昆吾В·沁水丹林.txt
<Current directory>\data\坐标\昆吾В·林海溪谷.txt
<Current directory>\data\坐标\昆吾В·忘川花海.txt
<Current directory>\data\坐标\昆吾В·天岐南淮.txt
<Current directory>\data\坐标\昆吾В·云遥鹊岭.txt
<Current directory>\data\模版\秦皇地宫一层b点.xml
C:\tlzz\config.ini

Moves the following files

from <Current directory>\dfz.vmp.dll to <Current directory>\dfz.dll

Substitutes the following executable files

<Full path to file>

Moves itself

from <Full path to file> to <Current directory>\jt_back

Deletes itself.

Network activity

TCP

HTTP GET requests

http://up.#2e9.com/show_up.html
http://yu##.52e9.com/bs1129.7z

HTTP POST requests

http://up.#2e9.com/update.php
http://pa#.#2e9.com/kss_io/io.php?up###############

UDP

DNS ASK in##.52e9.com
DNS ASK up.#2e9.com
DNS ASK yu##.52e9.com
DNS ASK pa#.#2e9.com

Miscellaneous

Searches for the following windows

ClassName: 'MS_AutodialMonitor' WindowName: ''
ClassName: 'MS_WebCheckMonitor' WindowName: ''
ClassName: 'TianLongBaBu WndClass' WindowName: ''

Creates and executes the following

'<Full path to file>'

Технології

Терміни

Навчання

Міфи

Technical Information

Рекомендации по лечению

Демо бесплатно на 14 дней