Техническая информация
- '%TEMP%\nylthewfpoi\cache.exe' (загружен из сети Интернет)
- '<SYSTEM32>\ntvdm.exe' -f -i1
- '%TEMP%\nylthewfpoi\cache.exe'
- <SYSTEM32>\ntvdm.exe
- %WINDIR%\Temp\scs1.tmp
- %WINDIR%\Temp\scs2.tmp
- %TEMP%\nylthewfpoi\ErrorReporter.exe
- %TEMP%\nylthewfpoi\cache.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- 'ru###eates.com':80
- 'wh###mi.us.to':80
- http://ru###eates.com/engine/download.php?id####
- http://wh###mi.us.to/custom.xored
- DNS ASK ru###eates.com
- DNS ASK wh###mi.us.to
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-b2c.b30.380001'