Technical Information
- '%WINDIR%\syswow64\taskkill.exe' /f /im <File name>.exe
- <Current directory>\data\login.ini
- <Current directory>\×ô¶¯éý¼¶.exe
- <Current directory>\gqkd.zip
- <Current directory>\¹ìçç¿ìµý²éñ¯öúêö.exe
- <Current directory>\¸üðâëµã÷.txt
- <Current directory>\gqkd.zip
- http://www.xm##68.com/soft/gqkd.zip
- http://11#.##.45.197:8090/gqkd/new1.php?id######## via 11#.#9.45.197
- DNS ASK xm##68.com
- ClassName: '' WindowName: ''
- '<Current directory>\×ô¶¯éý¼¶.exe'
- '%WINDIR%\syswow64\taskkill.exe' /f /im <File name>.exe' (with hidden window)