Technical Information
- <Current directory>\jl.pdf
- C:\users\public\qq.exe
- %LOCALAPPDATA%\adobe\color\profiles\wscrgb.icc
- %LOCALAPPDATA%\adobe\color\profiles\wsrgb.icc
- %LOCALAPPDATA%\adobe\color\acecache11.lst
- %TEMP%\a9r1l6w5ju_bx4qu3_204.tmp
- from <Full path to file> to C:\users\public\asfqgqqvebggabvqegvaqg
- '11#.#32.62.71':8081
- http://11#.##2.62.71:8081/uW7Y via 11#.#32.62.71
- http://11#.##2.62.71:8081/visit.js via 11#.#32.62.71
- 'C:\users\public\qq.exe'
- '%WINDIR%\syswow64\cmd.exe' " /c " <Current directory>\jl.pdf' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' " /c " <Current directory>\jl.pdf
- '%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\acrord32.exe' "<Current directory>\jl.pdf"