Техническая информация
- '%TEMP%\krofi.exe'
- '%TEMP%\fqtuk.exe'
- '%TEMP%\ngyep.exe'
- '%TEMP%\qyaag.exe'
- '%TEMP%\fqtuk.exe' (загружен из сети Интернет)
- '%TEMP%\qyaag.exe' (загружен из сети Интернет)
- '%TEMP%\krofi.exe' (загружен из сети Интернет)
- %TEMP%\krofi.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\pb40[1].tar
- %TEMP%\fqtuk.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\h153[1].tar
- %TEMP%\ngyep.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\68u2[1].tar
- %TEMP%\qyaag.exe
- 'be###ana.com':80
- 'up####ebeauty.com':80
- '94.##.247.202':80
- 'fe#####dframesstore.com':80
- be###ana.com/img/h153.tar
- 94.##.247.202/0608uk2/CRNJEUFU/41/5/4/
- 94.##.247.202/0608heap/CRNJEUFU/41/5/4/
- 94.##.247.202/0608pre/CRNJEUFU/41/5/4/
- up####ebeauty.com/img/about/pb40.tar
- 94.##.247.202/0608uk2/CRNJEUFU/1/0/0/
- 94.##.247.202/0608uk2/CRNJEUFU/0/51-SP2/0/
- 94.##.247.202/0608heap/CRNJEUFU/1/0/0/
- fe#####dframesstore.com/download/68u2.tar
- 94.##.247.202/0608pre/CRNJEUFU/1/0/0/
- DNS ASK up####ebeauty.com
- DNS ASK be###ana.com
- DNS ASK fe#####dframesstore.com