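Technical Information
Note: the section headings of the original report appear to be missing from this listing, so the entries below (registry values, file paths, network endpoints and a window lookup) are shown without the action recorded for each one. The '#' characters appear to mask parts of the addresses, host names and request strings, and the '�' runs in the DNS ASK lines are bytes that did not survive extraction; neither the masked values nor those query names can be used as exact-match indicators. The WinSock2 catalog keys and the cmd.exe, services.exe and Explorer.EXE paths are standard Windows components and are not indicators on their own. The page-specific artefacts are the {2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c} directories, the count.php requests, the repeated remote port 16471 and the window name on the last line.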
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001] 'LibraryPath' = 'mswsock.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003] 'LibraryPath' = 'mswsock.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008] 'PackedCatalogItem' = ''
- <SYSTEM32>\cmd.exe
- <SYSTEM32>\services.exe
- %WINDIR%\Explorer.EXE
- %WINDIR%\Installer\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\n
- %WINDIR%\assembly\GAC\Desktop.ini
- %WINDIR%\Installer\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\@
- <LS_APPDATA>\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\@
- <LS_APPDATA>\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\n
- %WINDIR%\Installer\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\@
- %WINDIR%\Installer\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\n
- <LS_APPDATA>\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\@
- <LS_APPDATA>\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\n
- '20#.#08.79.128':80
- 'pr####.fling.com':80
- 20#.#08.79.128/count.php?id#########################
- 20#.#08.79.128/count.php?id########################
- pr####.fling.com/geo/txt/city.php
- 20#.#08.79.128/count.php?id#######################
- DNS ASK �#�
- DNS ASK �#�Qa^
- DNS ASK �#�#wl
- DNS ASK �#��Ę
- DNS ASK �#)�6
- DNS ASK �#�
- DNS ASK pr####.fling.com
- DNS ASK �#�}
- DNS ASK �#�<�
- DNS ASK �#�T+
- '69.##4.122.218':16471
- '12#.#08.227.217':16471
- '88.##9.142.220':16471
- '94.##7.38.219':16471
- '17#.#77.208.216':16471
- '11#.#98.160.214':16471
- '78.##.146.214':16471
- '71.##.223.215':16471
- '68.##8.213.215':16471
- '67.##5.178.221':16471
- '17#.#46.80.225':16471
- '21#.#19.42.225':16471
- '90.##6.57.226':16471
- '87.#.173.225':16471
- '77.#2.8.224':16471
- '88.##.138.222':16471
- '72.#.242.221':16471
- '22#.#08.125.223':16471
- '31.##.195.222':16471
- '76.##.251.212':16471
- '67.##9.187.199':16471
- '18#.#15.47.199':16471
- '89.##9.226.202':16471
- '68.##6.230.200':16471
- '79.##8.158.197':16471
- '67.##7.146.191':16471
- '18#.#33.30.191':16471
- '84.##2.70.195':16471
- '71.##.40.194':16471
- '46.##.187.203':16471
- '18#.#6.247.209':16471
- '76.##.197.208':16471
- '86.##4.71.212':16471
- '20#.#1.61.212':16471
- '21#.#89.165.208':16471
- '17#.#24.190.204':16471
- '10#.#0.60.204':16471
- '17#.#40.173.207':16471
- '68.##4.75.207':16471
- '91.##.233.244':16471
- '89.##.228.244':16471
- '10#.#8.212.245':16471
- '68.##.184.245':16471
- '11#.#88.46.243':16471
- '95.##0.212.240':16471
- '71.##5.158.240':16471
- '11#.#88.40.242':16471
- '11#.#55.83.241':16471
- '78.##9.89.246':16471
- '85.##8.151.251':16471
- '64.##0.154.250':16471
- '21#.#15.15.253':16471
- '11#.#0.207.251':16471
- '74.##7.7.250':16471
- '83.#.73.247':16471
- '62.##7.115.246':16471
- '68.##.198.249':16471
- '14#.#17.108.247':16471
- '68.##6.140.240':16471
- '11#.#04.40.231':16471
- '68.##4.226.230':16471
- '27.##2.146.232':16471
- '13#.#04.117.231':16471
- '12#.#23.78.230':16471
- '81.##2.187.229':16471
- '86.#.70.228':16471
- '75.##3.61.230':16471
- '11#.#11.211.229':16471
- '91.##.24.235':16471
- '69.##7.57.239':16471
- '46.##7.222.238':16471
- '19#.#08.133.240':16471
- '78.##.245.239':16471
- '22#.#89.176.237':16471
- '68.##.59.237':16471
- '82.##.49.236':16471
- '15#.#0.125.237':16471
- '10#.#3.97.237':16471
- ClassName: '' WindowName: 'gfjfdikhgdfoihgidfuhlfgkdjhjklgfluhiluf'