Technical Information
- '' (downloaded from the Internet)
- %WINDIR%\software.exe
- from %WINDIR%\software.exe to %TEMP%\1041993\....\temporaryfile
- from <Full path to file> to %TEMP%\1041915\....\temporaryfile
- '11#.#80.195.6':6550
- http://11#.##0.195.6:6550/wenjianjia/pubg.exe via 11#.#80.195.6
- '%WINDIR%\software.exe'
- '%WINDIR%\software.exe' ' (with hidden window)