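Technical Information
The entries below are, in order: registry values (two `Run` autostart entries and one `shell\open\command` handler), file-system paths, network endpoints and DNS queries, and process command lines. The `#` characters in the IP address and domain names appear to be masking applied by the report, so those values are partial and cannot be matched literally.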
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'aisino_qd_yshs' = '"%ProgramFiles(x86)%\Tax Service\ctibls.exe" update'
- [<HKLM>\Software\Classes\fwkplocalsvrctibls\shell\open\command] '' = '%ProgramFiles(x86)%\Tax Service\ctibls.exe %1'
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'SocialInvoice' = '"%ProgramFiles(x86)%\Aisino\TaxCloud\MainExecuteS.exe"'
- %TEMP%\nsm5b2b.tmp
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-synch-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-synch-l1-2-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-sysinfo-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-timezone-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-util-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-convert-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-environment-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-filesystem-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\getparentpid.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-heap-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-math-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-multibyte-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-runtime-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-stdio-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-string-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-time-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-utility-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\cryp_api.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-rtlsupport-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-string-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-crt-locale-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\decodecert.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-processthreads-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\sm2clt.dll
- %ProgramFiles(x86)%\aisino\taxcloud\taxukeybase.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-console-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-datetime-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-debug-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-errorhandling-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-file-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-file-l1-2-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-file-l2-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-handle-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-heap-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-interlocked-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-libraryloader-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-localization-l1-2-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-memory-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-namedpipe-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-processenvironment-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-processthreads-l1-1-1.dll
- %ProgramFiles(x86)%\aisino\taxcloud\regasm.exe
- %ProgramFiles(x86)%\aisino\taxcloud\api-ms-win-core-profile-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\msvcm90.dll
- %ProgramFiles(x86)%\aisino\taxcloud\imgdecoder-gdip.dll
- %ProgramFiles(x86)%\aisino\taxcloud\ucrtbase.dll
- %ProgramFiles(x86)%\aisino\taxcloud\vccorlib120.dll
- %ProgramFiles(x86)%\aisino\taxcloud\vcruntime140.dll
- %ProgramFiles(x86)%\aisino\taxcloud\zlibwapi.dll
- %TEMP%\nsma44b.tmp
- %TEMP%\nsma44c.tmp\userinfo.dll
- %TEMP%\nsma44c.tmp\system.dll
- %TEMP%\nsma44c.tmp\killprocdll.dll
- %TEMP%\nsma44c.tmp\findprocdll.dll
- %ProgramFiles(x86)%\aisino\taxcloud\imgdecoder-png.dll
- %TEMP%\nsma44c.tmp\accesscontrol.dll
- %ProgramFiles(x86)%\aisino safemgr tool\tokenh.dll
- %ProgramFiles(x86)%\aisino safemgr tool\cryptapi.dll
- %ProgramFiles(x86)%\aisino safemgr tool\cryp_api.dll
- %ProgramFiles(x86)%\aisino safemgr tool\decodecert.dll
- %ProgramFiles(x86)%\aisino safemgr tool\secure.pfx
- %ProgramFiles(x86)%\aisino safemgr tool\uninst.exe
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\aisino safemgr tool\aisino safemgr tool.lnk
- %ProgramFiles(x86)%\aisino\taxcloud\trust.txt
- %ProgramFiles(x86)%\aisino\taxcloud\ssleay32.dll
- %ProgramFiles(x86)%\aisino\taxcloud\utilities.dll
- %ProgramFiles(x86)%\aisino\taxcloud\soui.dll
- %ProgramFiles(x86)%\aisino\taxcloud\soui-sys-resource.dll
- %ProgramFiles(x86)%\aisino\taxcloud\libcrypto-1_1.dll
- %ProgramFiles(x86)%\aisino\taxcloud\libeay32.dll
- %ProgramFiles(x86)%\aisino\taxcloud\libssl-1_1.dll
- %ProgramFiles(x86)%\aisino\taxcloud\log4cxx.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcm80.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcm90.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcp120.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcp140.dll
- %ProgramFiles(x86)%\aisino\taxcloud\pcomserver.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcp80.dll
- %ProgramFiles(x86)%\aisino\taxcloud\sofc.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcr100.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcr80.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcr90.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcrt.dll
- %ProgramFiles(x86)%\aisino\taxcloud\regasm.exe.config
- %ProgramFiles(x86)%\aisino\taxcloud\render-gdi.dll
- %ProgramFiles(x86)%\aisino\taxcloud\sangfor.dll
- %ProgramFiles(x86)%\aisino\taxcloud\shhpt.cait
- %ProgramFiles(x86)%\aisino\taxcloud\msvcp90.dll
- %ProgramFiles(x86)%\aisino\taxcloud\libcurl.dll
- %ProgramFiles(x86)%\aisino\taxcloud\msvcr120.dll
- %ProgramFiles(x86)%\aisino\taxcloud\net_util.dll
- %ProgramFiles(x86)%\aisino\taxcloud\nisec_ukeyc.dll
- %ProgramFiles(x86)%\aisino\taxcloud\microsoft.vc90.crt.manifest
- %ProgramFiles(x86)%\tax service\api-ms-win-core-libraryloader-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-localization-l1-2-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-memory-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-namedpipe-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-processenvironment-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-processthreads-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-processthreads-l1-1-1.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-profile-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-rtlsupport-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-string-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-synch-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-synch-l1-2-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-sysinfo-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-timezone-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-util-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-conio-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-convert-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-handle-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-file-l1-2-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-interlocked-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-file-l2-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-file-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\libssl-1_1.dll
- %ProgramFiles(x86)%\tax service\ctibls.exe
- %ProgramFiles(x86)%\tax service\floatbtn.exe
- %ProgramFiles(x86)%\tax service\taxcloudsetup.exe
- %ProgramFiles(x86)%\tax service\dll_activex_operation.exe
- %ProgramFiles(x86)%\tax service\multi_function.exe
- %ProgramFiles(x86)%\tax service\dll_activex.dll
- %ProgramFiles(x86)%\tax service\ldkpdll.dll
- %ProgramFiles(x86)%\tax service\libcrypto-1_1.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-environment-l1-1-0.dll
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\aisino safemgr tool\uninstall.lnk
- %ProgramFiles(x86)%\tax service\libcurl.dll
- %ProgramFiles(x86)%\tax service\sofc.dll
- %ProgramFiles(x86)%\tax service\lddll.ini
- %ProgramFiles(x86)%\tax service\xml.db
- %ProgramFiles(x86)%\tax service\microsoft.vc90.crt.manifest
- %ProgramFiles(x86)%\tax service\api-ms-win-core-console-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-datetime-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-debug-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-core-errorhandling-l1-1-0.dll
- %TEMP%\nsm5b2c.tmp\killprocdll.dll
- %ProgramFiles(x86)%\tax service\nihility.dll
- %ProgramFiles(x86)%\aisino safemgr tool\safemgr.exe
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-filesystem-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-multibyte-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\log\20201123.txt
- %HOMEPATH%\desktop\云税慧商.lnk
- %TEMP%\nsw8575.tmp\system.dll
- %TEMP%\nsw8575.tmp\killprocdll.dll
- %TEMP%\nsw8575.tmp\killer.dll
- %ProgramFiles(x86)%\aisino\taxcloud\autoupdate.exe
- %ProgramFiles(x86)%\aisino\taxcloud\autoupdate.exe.config
- %ProgramFiles(x86)%\tax service\api-ms-win-core-heap-l1-1-0.dll
- %ProgramFiles(x86)%\aisino\taxcloud\jsdiskdll.dll
- %ProgramFiles(x86)%\aisino\taxcloud\jsdevinfodll.dll
- %ProgramFiles(x86)%\aisino\taxcloud\localcryptapidll.dll
- %ProgramFiles(x86)%\aisino\taxcloud\logctrl.cfg
- %ProgramFiles(x86)%\aisino\taxcloud\mainexecutem.exe
- %ProgramFiles(x86)%\aisino\taxcloud\mainexecutes.exe
- %ProgramFiles(x86)%\aisino\taxcloud\mainexecutex.exe
- %ProgramFiles(x86)%\aisino\taxcloud\microsoft.vc80.crt.cat
- %ProgramFiles(x86)%\aisino\taxcloud\microsoft.vc80.crt.manifest
- %APPDATA%\microsoft\windows\start menu\programs\云税慧商\云税慧商Гøõ¾.lnk
- %ProgramFiles(x86)%\aisino\taxcloud\jxsetup.exe
- %APPDATA%\microsoft\windows\start menu\programs\云税慧商\云税慧商卸载.lnk
- %ProgramFiles(x86)%\tax service\uninst.exe
- %APPDATA%\microsoft\windows\start menu\programs\云税慧商\云税慧商服务.lnk
- %ProgramFiles(x86)%\tax service\云税票管家.cer
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-private-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-process-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-runtime-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-stdio-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-string-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-time-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-utility-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-heap-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\mfc140u.dll
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-locale-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\msvcp100.dll
- %ProgramFiles(x86)%\tax service\msvcp90.dll
- %ProgramFiles(x86)%\tax service\msvcr100.dll
- %ProgramFiles(x86)%\tax service\msvcr90.dll
- %ProgramFiles(x86)%\tax service\ucrtbase.dll
- %ProgramFiles(x86)%\tax service\vcruntime140.dll
- %ProgramFiles(x86)%\tax service\qdys0001.pfx
- %ProgramFiles(x86)%\tax service\favicon_link_64.ico
- %ProgramFiles(x86)%\tax service\api-ms-win-crt-math-l1-1-0.dll
- %ProgramFiles(x86)%\tax service\trust.txt
- %ProgramFiles(x86)%\tax service\msvcp140.dll
- %ProgramFiles(x86)%\aisino safemgr tool\config\server.config
- %TEMP%\nsw8575.tmp\killer.dll
- %TEMP%\nsw8575.tmp\killprocdll.dll
- %TEMP%\nsw8575.tmp\system.dll
- %TEMP%\nsma44c.tmp\accesscontrol.dll
- %TEMP%\nsma44c.tmp\findprocdll.dll
- %TEMP%\nsma44c.tmp\killprocdll.dll
- %TEMP%\nsma44c.tmp\system.dll
- %TEMP%\nsma44c.tmp\userinfo.dll
- '39.##.109.246':10080
- 'localhost':49174
- 'localhost':49175
- 'ta#.#1fapiao.cn':443
- DNS ASK 91###cloud.com
- DNS ASK ta#.#1fapiao.cn
- '%ProgramFiles(x86)%\tax service\ctibls.exe' -yshs_install
- '%ProgramFiles(x86)%\tax service\taxcloudsetup.exe'
- '%ProgramFiles(x86)%\aisino\taxcloud\mainexecutes.exe'
- '%ProgramFiles(x86)%\aisino\taxcloud\jxsetup.exe'
- '%ProgramFiles(x86)%\aisino safemgr tool\safemgr.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "%ProgramFiles(x86)%\tax service\...
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "%ProgramFiles(x86)%\aisino\taxcl...