Technical Information
- <PATH_SAMPLE>.pdf
- %WINDIR%\temp\officeim.exe
- %WINDIR%\temp\tencentsvc.exe
- from <Full path to file> to \:edr
- 'q5###.####cn-beijing.aliyuncs.com':443
- '12#.#7.235.23':443
- 'q5###.####cn-beijing.aliyuncs.com':443
- '12#.#7.235.23':443
- DNS ASK q5###.####cn-beijing.aliyuncs.com
- '%WINDIR%\temp\officeim.exe'
- '%WINDIR%\temp\tencentsvc.exe'
- '%WINDIR%\temp\tencentsvc.exe' ' (with hidden window)
- '%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\acrord32.exe' "<PATH_SAMPLE>.pdf"