Technical Information
- %WINDIR%\syswow64\notepad.exe
- '21#.#9.11.150':33333
- '10#.#2.75.22':8099
- http://10#.##.75.22:8099/rbfAsn49mvZfel57PkrD-wCKQldlU597HPmzc-qaprtu_l3Phr3T-VjF55pCiixRvtbJLrpAcbEp3hodrWTRt9f9Z38MxppJkgdG85gYSiHmIGx4AFVFgRWxT6zEZfmhg1y99dzL4XSazNKsIeq7fF0p_1jCCGOfjM72Z7Rr...
- http://qq###.micrsoft.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books
- '21#.#9.11.150':33333
- '%WINDIR%\syswow64\notepad.exe' ' (with hidden window)
- '%WINDIR%\syswow64\notepad.exe'