Technical Information
- <Current directory>\le5kmzga4evzmu7.exe
- <Current directory>\config.ini
- from <Full path to file> to %TEMP%\le5kmzga4evzmu7\....\le5kmzga4evzmu7
- 'te##.##sthotel360.com':80
- http://te##.##sthotel360.com/001/puppet.Txt?41####
- http://te##.##sthotel360.com/Data/hbXjFXpN9AO73w9Gn0pM6aUOfxkdaPrMWH03jFBYnCZSPe33jgY8bCfwrgZJGXnm2j2LFN1bv1ambpcWFMFql3Jfkf4dUGblyHdVnyRm3OFSeuNHv32303231C4EA39D4C231C8D53132CAB13530B7D63235C3...
- http://te##.##sthotel360.com/001/Tips.txt?42####
- DNS ASK te##.##sthotel360.com
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'CrossFire' WindowName: ''
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns