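Technical Information
Note: runs of '#' in host names and query strings, and a trailing '...', appear to be masking and truncation applied by the report rather than literal values. The entries below are therefore partial indicators: match them by pattern (visible domain suffix, path, file name) rather than by exact string.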
- %LOCALAPPDATA%\blossloms\fracturesl.exe
- %APPDATA%\roaming\7654llq\7654llqpb\7654pb.exe
- %APPDATA%\7654liulanqi\7654liulanqitips\7654llqtips.exe
- %APPDATA%\screensaver\dll\b783bf59e9a5fde38128b7e320e78fed
- %APPDATA%\roaming\7654liulanqi\7654llqyptips\llqyptips.exe
- %APPDATA%\llq\12all-allall\aiouniya.exe
- %APPDATA%\7654liulanqi\7654llqtuopan\7654llqtuopan.exe
- 'ne##.698283.vip':80
- http://do###.####browser.shzhanmeng.com/logo/v1.0.0.2/super.gif.MD5
- http://do###.##54browser.vfpzmg.cn/tui/tips/Tnews/tnewsplus/tnewsplus.json
- http://do###.##54browser.vfpzmg.cn/tui/tips/tray/v1.0.0.3/traytip-3.exe
- http://sc######vers.shzhanmeng.com/lua/v1.0.0.1/common.gif
- http://sc######vers.shzhanmeng.com/lua/v1.0.0.1/common.gif.MD5
- http://do###.##54browser.vfpzmg.cn/tui/package/tnewsplus/v1.0.5.4/TNewsPlus.gif
- http://sc######vers.shzhanmeng.com/lua/v1.0.0.1/super.gif
- http://sc######vers.shzhanmeng.com/lua/v1.0.0.1/super.gif.MD5
- http://do###.##54browser.vfpzmg.cn/tui/yptips/intervals.json
- http://do###.##54browser.vfpzmg.cn/tui/tips/tipsplus2/crawlconfig.json
- http://do###.##54browser.vfpzmg.cn/tui/tips/Tnews/tnewsplus/v1.0.1.8/tnewsplus-2.exe
- http://ss####ort.7654.com/ssp/user_click?co######################################################################################################################################################...
- http://do###.##54browser.vfpzmg.cn/tui/package/yptips/v1.0.1.1/YpTips.gif
- http://ne##.7654.com/tipsdsp/libs/images/closebutton/8_w.png?v=#############
- http://ss#.#654.com/ssp/v2/ads?qi################################################################################################################################################################...
- http://ne##.7654.com/tipsdsp/13/assets/s11.js?v=######
- http://ne##.7654.com/tipsdsp/libs/script/hytech11.js?v=#####
- http://ne##.7654.com/tipsdsp/libs/script/zmdsp_t.js?v=#####
- http://ne##.7654.com/tipsdsp/libs/script/zhike.js?v=######
- http://ne##.7654.com/tipsdsp/libs/script/kgdsp.js?v=#####
- http://ne##.7654.com/tnewsdsp/09/s11/?pr#########################################################################################################################################################...
- http://ne##.7654.com/tnewsdsp/libs/swiper/idangerous.swiper.css
- http://ad#.#654.com/prod/news.698283.vip.tnews_ad360.09.s11.sf.html.json?v=#############
- http://ne##.7654.com/tnewsdsp/libs/script/jquery.min.js
- http://ne##.7654.com/tnewsdsp/09/s11/index.js?v=####
- http://ne##.7654.com/tnewsdsp/libs/script/xmdsp.js?v=#####
- http://ne##.7654.com/tnewsdsp/libs/script/hytech.js?v=#####
- http://ne##.7654.com/tnewsdsp/libs/script/yp.js?v=###
- http://ne##.7654.com/tnewsdsp/libs/script/zm.js?v=###
- http://do###.##54browser.vfpzmg.cn/tui/package/traytip/v1.0.6.0/TrayTip.gif
- http://ne##.7654.com/tnewsdsp/libs/script/get360.js?v=###
- http://ne##.7654.com/tnewsdsp/libs/script/zhike.js?v=###
- http://ne##.7654.com/tnewsdsp/libs/script/shdsp3.js?v=#####
- http://ne##.7654.com/tnewsdsp/libs/script/shdsp2.js?v=#####
- http://ne##.7654.com/tnewsdsp/libs/sh_config.js?v=#####
- http://ne##.7654.com/tnewsdsp/libs/script/kgdsp.js?v=#####
- http://ne##.7654.com/tnewsdsp/libs/script/redirectSf.js?v=####
- http://ne##.7654.com/tnewsdsp/libs/config.js?v=####
- http://ne##.7654.com/tnewsdsp/libs/script/shdsp.js?v=####
- http://ne##.7654.com/tnewsdsp/libs/script/base.js?v=#####
- http://ne##.7654.com/tnewsdsp/libs/swiper/idangerous.swiper.min.js
- http://ne##.7654.com/tnewsdsp/libs/script/jquery.base64.js
- http://ne##.7654.com/tnewsdsp/libs/script/jquery.cookie.domain.js
- http://ne##.7654.com/tipsdsp/libs/script/shdsp3.js?v=#####
- http://ne########99349.file.myqcloud.com/ssp/5ff7fa1eba042.png
- http://ne##.7654.com/tipsdsp/libs/script/shdsp2.js?v=#####
- http://ne##.7654.com/mini_new4/0613/statics/assets/images/point.png
- http://ne##.7654.com/mini_new4/0613/statics/assets/images/toggle_nav.png
- http://ne##.7654.com/mini_new4/0613/statics/assets/css/index.css?v=##################
- http://ne##.7654.com/mini_new4/0613/statics/common/css/idangerous.swiper.css
- http://ne##.7654.com/mini_new4/0613/?qi##########################################################################################################################################################...
- http://do###.##54browser.vfpzmg.cn/tui/mininews/mininewsplus/ffzdr.png
- http://do###.##54browser.vfpzmg.cn/tui/tips/tipsplus2/v1.0.3.5/tipsplus2-1.exe
- http://br#####.shzhanmeng.com/browser/stamp_trace?co#############################################################################################################################################...
- http://ss#.#654.com/ct?mi########################################################################################################################################################################...
- http://ho#####.dftoutiao.com/hotwordsnews/getnews?qi######################################
- http://do###.##54browser.vfpzmg.cn/tui/screensaver/v1.0.8.2/screen_saver-5.exe
- http://do###.##54browser.vfpzmg.cn/tui/package/mininewsplus/v5.0.295.55/MiniNewsPlusModule.gif
- http://do###.##54browser.vfpzmg.cn/tui/package/mininewsplus/v5.0.271.93/mininews-2.exe
- http://do###.####browser.shzhanmeng.com/6645c41d54d23ef884bb8eb455fce1fd.json
- http://ss#.#654.com/userTypes?Qr##################################################################################
- http://ca####.shzhanmeng.com/fox_host/fox/get
- http://ky######on.dftoutiao.com/position/get02
- http://do###.####browser.shzhanmeng.com/logo/v1.0.0.2/uc.gif
- http://do###.####browser.shzhanmeng.com/logo/v1.0.0.2/uc.gif.MD5
- http://do###.####browser.shzhanmeng.com/logo/v1.0.0.2/super.gif
- http://sc######vers.shzhanmeng.com/n/ss.json
- http://ne##.7654.com/mini_new4/0613/statics/assets/images/feedback.png
- http://ne##.7654.com/tipsdsp/libs/script/zmdsp_new.js?v=#####
- http://ne##.7654.com/mini_new4/0613/statics/assets/images/message.png
- http://ne##.7654.com/tipsdsp/libs/script/shdsp_new.js?v=######
- http://ne##.7654.com/tipsdsp/libs/config.js?v=###
- http://ne##.7654.com/tipsdsp/libs/script/common.js
- http://ne##.7654.com/tipsdsp/libs/script/json2.js
- http://ne##.7654.com/tipsdsp/libs/swiper/idangerous.swiper.min.js
- http://ne##.7654.com/tipsdsp/libs/script/jquery.base64.js
- http://ne##.7654.com/tipsdsp/libs/script/jquery.cookie.domain.js
- http://ne##.7654.com/tipsdsp/libs/script/jquery.min.js
- http://ne##.7654.com/tipsdsp/libs/css/zhike.css?v=#####
- http://ne##.7654.com/tipsdsp/libs/swiper/idangerous.swiper.css
- http://ne##.7654.com/tipsdsp/13/s11/?pr##########################################################################################################################################################...
- http://do###.##54browser.vfpzmg.cn/tui/tips/tipsplus2/tipsplus2.json
- http://do###.####browser.shzhanmeng.com/tui/tips/2/tips2-1.zip.MD5
- http://do###.##54browser.vfpzmg.cn/tui/package/yptips/v1.0.0.1/YpTips-1.exe
- http://re####.###eensavers.shzhanmeng.com/screensavers/stamp_trace?co############################################################################################################################...
- http://do###.##54browser.vfpzmg.cn/tui/package/tipsplus2/v1.1.0.2/TipsPlus2.gif
- http://ne##.7654.com/mini_new4/0613/statics/common/js/jquery.min.js
- http://sc######vers.shzhanmeng.com/n/1.0.9.0/B783BF59E9A5FDE38128B7E320E78FED
- http://sc##########-1252899349.file.myqcloud.com/cdn_bandwith_config.json?v=##########
- http://ne##.7654.com/tipsdsp/libs/sh_config.js?v=#####
- http://ss#.#654.com/ssp/list?qi##################################################################################################################################################################...
- http://re####.###eensavers.shzhanmeng.com/screensavers/stamp_trace?co############################################################################################################################...
- DNS ASK do###.####browser.shzhanmeng.com
- DNS ASK ky######on.dftoutiao.com
- DNS ASK ca####.shzhanmeng.com
- DNS ASK ss#.#654.com
- DNS ASK do###.##54browser.vfpzmg.cn
- DNS ASK ho#####.dftoutiao.com
- DNS ASK br#####.shzhanmeng.com
- DNS ASK ne##.7654.com
- DNS ASK re####.###eensavers.shzhanmeng.com
- DNS ASK sc######vers.shzhanmeng.com
- DNS ASK sc##########-1252899349.file.myqcloud.com
- DNS ASK ss####ort.7654.com
- DNS ASK ne########99349.file.myqcloud.com
- DNS ASK ad#.#654.com
- DNS ASK ne##.698283.vip
- ClassName: 'StandardFrame' WindowName: '钉钉'
- ClassName: 'C9CD4F35-4AD6-45d3-8A0E-AC211EB1D13E' WindowName: 'C9CD4F35-4AD6-45d3-8A0E-AC211EB1D13E'
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: 'Chrome_MessageWindow' WindowName: 'sc_D7EE826A-3855-4F1B-818C-2571B3AB4F63'
- ClassName: 'ActiveXWnd' WindowName: ''
- ClassName: 'Shell Embedding' WindowName: ''
- ClassName: 'Shell DocObject View' WindowName: ''
- ClassName: 'Internet Explorer_Server' WindowName: ''
- '%LOCALAPPDATA%\blossloms\fracturesl.exe' LXByb2plY3Q9NzY1NEJyb3dzZXIgLWtpbGxwcm9jZXNzPTYwIC1lbmFibGVob21lcGFnZXJhbmQ9MSAtT3B0aW1pemU9MTAgLURpc3BsYXlUaXRsZT03NjU0QnJvd3NlciAtd3JpdGV0Y2s9TGl2ZVVwZGF0ZTM2MCw2MzIgLXVzZXNzcG1vZGU9dHJ1ZSAtV...
- '%APPDATA%\roaming\7654llq\7654llqpb\7654pb.exe' --data=j15N+jIHt/SKiqk1p1rLg5RPPau4w7NTeJiPhe160AX/Y5kfMix8GSaHgQW7gZ/ewNH5oBJu3Wcu1WgC2N6eQRywi4p9IHrbXSbwE/joIYhOyJ5EyOtxI0HiVjnBPoOVzTA4L7sr7fWRRySJDQpTzQNKjCqP326tniEdslv9HU6aOPGu7PnHrDVa
- '%APPDATA%\7654liulanqi\7654liulanqitips\7654llqtips.exe' DKE9AVa1SbbOJmyXXRZaG1aiW0ZaCr3ZNyAm0M3V6p+v4XwytIGuQ317P5g1IkarUJt3p/CQL9HIvNiAyQ9z0j6X8LZwSumMebaCdhhGSi/Po+N4qzy/Kq58awOQRY2w0MMzseqi7TRw9HhjXog+kYJ5asKDzAMqK/5rcwcoNfUViPw8mFcDKbK7tD2HMcJ0n...
- '%APPDATA%\7654liulanqi\7654liulanqitips\7654llqtips.exe' DKE9AVa1SbbOJmyXXRZaG1aiW0ZaCr3ZNyAm0M3V6p+v4XwytIGuQ317P5g1IkarUJt3p/CQL9HIvNiAyQ9z0j6X8LZwSumMebaCdhhGSi/Po+N4qzy/Kq58awOQRY2w0MMzseqi7TRw9HhjXog+kYJ5asKDzAMqK/5rcwcpNfUViPw8mFcDKbK7tD2HMcJ0n...
- '%APPDATA%\roaming\7654liulanqi\7654llqyptips\llqyptips.exe' fWx/zaPyC+QkBvFot8Ii5W4GyHUfljPLdhyG0qnUh8qGWYkv88KGSP/EkchHGSBHkFqxI0mHV0U8s9zlSxx9lCMOaJ1OFYp8B3VBEjp15S+EdwSd25FallCQm0gN+AWboGQ0MeRbrnNlHlo25YijVpOqNl9Kj4UoGG/KVhSQGyWY/adGph9sh2q1AsaShzgL4...
- '%APPDATA%\llq\12all-allall\aiouniya.exe' NmAgdnnsYEqDfT120eROoBNXwK8pdBo//dtXmXwB4k+xeIKtPRKGfPm3fLnLtdfhXYI29nLmd4HrUL9NnODvgW8MlV138pBDv1MzwYgzHTtw3LGENg1Gfb+s9vytfIYRndOQD8wVoLzs9188kBvrdTDv9uEMtJMpd3/eS13MH8MT72r0CsIse1efd7xQl9pN4...
- '%APPDATA%\7654liulanqi\7654llqtuopan\7654llqtuopan.exe' klCihAf5kfn4WdVPq/v+suToJtDcsYJnnqNAsDibESgLgZ3bqVx/KeRe+4DdwFNyeV1ZUH5hwQdBLYBcUKDsISiJLpb3GXOhsNFaVxqGZqHGTq0y3vBR4QUkZD5WrlI/9dsC++N1IlLEJYtLmtU6uf2VH2OKfqnbj4Ow7K1leKDE44ksoK2sIGpnz2HkOQNtA...