Technical Information
- %APPDATA%\clinkm2.data
- %HOMEPATH%\desktop\<File name>.lnk
- %APPDATA%\awsip\cloudx200005726.ip
- <Current directory>\update.temp
- <Current directory>\update.exe
- %HOMEPATH%\desktop\<File name>.lnk
- <Current directory>\update.temp
- '10#.#6.13.253':511
- '10#.#6.136.7':511
- '10#.#6.13.252':511
- 're##.#sasnet.net':511
- '10#.#6.139.198':300
- '10#.#6.13.230':300
- '10#.#6.106.202':300
- '10#.#6.107.233':300
- 'm1###.####cn-hangzhou.aliyuncs.com':80
- http://m1###.####cn-hangzhou.aliyuncs.com/MH1.exe
- '10#.#6.13.253':511
- '10#.#6.13.230':300
- '10#.#6.107.233':300
- '10#.#6.106.202':300
- DNS ASK re##.#sasnet.net
- DNS ASK m1###.####cn-hangzhou.aliyuncs.com
- '<Current directory>\update.exe' "<File name>.exe" "????[?].exe"