Technical Information
- %WINDIR%\syswow64\rmactivate.exe
- C:\gdggg6f6ge.ini
- <Current directory>\config.ini
- <Current directory>\post
- C:\gdggg6f6ge.ini
- <Current directory>\post
- <Full path to file>
- <Current directory>\post
- http://FI##.##00001.COM:1714/CFBED/CFBED.txt?11#####
- http://FI##.##00001.COM:1714/CFBED/CFBEDpuppet.Txt?12#####
- http://fi##.##00001.com:1714/Data/zzkrg9wuzg0z1xbwrkurdgdmpug9xdbwkmr10wpz9pbtdxhpzbp9hrut1zmmurk1hzmhzw9kuzxmpmgdr0h1mmpz1hxk11dzgggzxmtd9ruhtu32303231C4EA31D4C23134C8D536CAB13235B7D635C3EB.tx...
- http://FI##.##00001.COM:1714/CFBED/Tips.ini?12#####
- DNS ASK fi##.#f00001.com
- ClassName: 'CrossFire' WindowName: ''
- '%WINDIR%\syswow64\rmactivate.exe'