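Technical Information

Note: the subsection labels of this report are missing from this copy, so the action behind each entry (created, modified, deleted, contacted) is not stated here. The entries fall into three groups: registry values under the WinSock2 catalog keys, file-system paths, and network activity (address or host followed by port, HTTP request paths, DNS queries). Paths that appear twice presumably belonged to different subsections of the original report. The '#' characters in addresses, host names and URLs appear to be masking applied by the publisher, and values shown as '' are either empty or were not captured in this copy.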
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001] 'LibraryPath' = 'mswsock.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003] 'LibraryPath' = 'mswsock.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007] 'PackedCatalogItem' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008] 'PackedCatalogItem' = ''
- <SYSTEM32>\services.exe
- %WINDIR%\dmp_0x098C_0x00500000.alloc
- %WINDIR%\dmp_0x098C_0x00440000.alloc
- %WINDIR%\dmp_0x098C_0x00620000.alloc
- %WINDIR%\dmp_0x098C_0x00510000.alloc
- %WINDIR%\dmp_0x098C_0x003B0000.alloc
- %WINDIR%\dmp_0x098C_0x00380000.alloc
- %WINDIR%\dmp_0x098C_0x00370000.alloc
- %WINDIR%\dmp_0x098C_0x003A0000.alloc
- %WINDIR%\dmp_0x098C_0x00390000.alloc
- %WINDIR%\dmp_0x098C_0x00920000.alloc
- %WINDIR%\dmp_0x098C_0x7FFDC000.alloc
- %WINDIR%\dmp_0x098C_0x7FFB0000.alloc
- %WINDIR%\dmp_0x098C_0x7FFE0000.alloc
- %WINDIR%\dmp_0x098C_0x7FFDF000.alloc
- %WINDIR%\dmp_0x098C_0x7F6F0000.alloc
- %WINDIR%\dmp_0x098C_0x00990000.alloc
- %WINDIR%\dmp_0x098C_0x00950000.alloc
- %WINDIR%\dmp_0x098C_0x00BCD000.alloc
- %WINDIR%\dmp_0x098C_0x00ACF000.alloc
- %WINDIR%\dmp_0x098C_0x00020000.alloc
- %WINDIR%\dmp_0x098C_0x00010000.alloc
- %WINDIR%\dmp_0x098C_0x00130000.alloc
- %WINDIR%\dmp_0x098C_0x00030000.alloc
- %WINDIR%\assembly\GAC\Desktop.ini
- <LS_APPDATA>\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\n
- <LS_APPDATA>\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\@
- %WINDIR%\Installer\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\n
- %WINDIR%\Installer\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\@
- %WINDIR%\dmp_0x098C_0x00140000.alloc
- %WINDIR%\dmp_0x098C_0x002C0000.alloc
- %WINDIR%\dmp_0x098C_0x00280000.alloc
- %WINDIR%\dmp_0x098C_0x00320000.alloc
- %WINDIR%\dmp_0x098C_0x00310000.alloc
- %WINDIR%\dmp_0x098C_0x00260000.alloc
- %WINDIR%\dmp_0x098C_0x00164000.alloc
- %WINDIR%\dmp_0x098C_0x00151000.alloc
- %WINDIR%\dmp_0x098C_0x00250000.alloc
- %WINDIR%\dmp_0x098C_0x00240000.alloc
- %WINDIR%\Installer\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\@
- %WINDIR%\Installer\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\n
- <LS_APPDATA>\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\@
- <LS_APPDATA>\{2ebe1c2e-2a38-cb36-436c-4d1cb8c2630c}\n
- '21#.#08.252.185':80
- 'pr####.fling.com':80
- 21#.#08.252.185/5699145-24B8EBEDAA47374020E664A2406FB684/counter.img?th###############################
- pr####.fling.com/geo/txt/city.php
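- DNS ASK [non-printable]#2[non-printable]
- DNS ASK [non-printable]#[non-printable]Z+
- DNS ASK [non-printable]#*[non-printable]q
- DNS ASK [non-printable]#[non-printable]$[non-printable]
- DNS ASK [non-printable]#}$[non-printable]
- DNS ASK [non-printable]#[non-printable]L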
- DNS ASK pr####.fling.com
- DNS ASK [non-printable]#[non-printable]yl
- DNS ASK [non-printable]#IQQ
- '10#.#.177.235':16471
- '72.##3.143.28':16471
- '69.##5.114.28':16471
- '98.##2.72.36':16471
- '85.##9.216.32':16471
- '12#.#54.39.30':16471
- '5.##.37.244':16471
- '2.##.100.17':16471
- '75.##9.126.244':16471
- '74.#5.5.27':16471
- '12#.#9.67.23':16471
- '97.#5.46.18':16471
- '79.##1.22.232':16471
- '67.##.116.50':16471
- '76.##7.20.49':16471
- '17#.#3.53.47':16471
- '82.##.141.53':16471
- '94.##1.193.51':16471
- '80.#0.61.51':16471
- '68.##4.232.227':16471
- '20#.#16.247.42':16471
- '50.#.206.41':16471
- '96.##.235.46':16471
- '85.#36.0.46':16471
- '68.##.143.44':16471
- '15#.#8.241.16':16471
- '20#.#50.254.254':16471
- '88.##2.254.254':16471
- '95.##2.254.254':16471
- '11#.#44.254.254':16471
- '76.##6.254.254':16471
- '89.##7.254.254':16471
- '75.##4.254.254':16471
- '88.##4.254.254':16471
- '11#.#54.254.254':16471
- '19#.#53.254.254':16471
- '1.###.254.254':16471
- '10.##4.254.254':16471
- '11#.#42.254.254':16471
- '74.##3.138.11':16471
- '24.#.79.10':16471
- '85.##1.186.7':16471
- '79.##3.177.16':16471
- '71.#31.0.15':16471
- '24.##0.178.11':16471
- '72.#28.32.2':16471
- '79.##1.254.254':16471
- '74.##2.254.254':16471
- '97.#1.113.6':16471
- '18#.#0.192.4':16471
- '71.#25.2.4':16471