Technical Information
- <Current directory>\5t.exe
- <Current directory>\f6.exe
- %WINDIR%\fonts\226.dll
- from <Current directory>\5t.exe to %TEMP%\1196574\....\temporaryfile
- from <Full path to file> to %TEMP%\1192456\....\temporaryfile
- 'bx#####120036.my3w.com':80
- http://bx#####120036.my3w.com/cjzs.html
- DNS ASK bx#####120036.my3w.com
- '<Current directory>\5t.exe'
- '%WINDIR%\syswow64\rundll32.exe' url.dll,FileProtocolHandler