Техническая информация
- '<SYSTEM32>\regini.exe' "%TEMP%\292609.ini"
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\292609.ini
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\292609.ini
- 'wm.###guogeng.com':80
- 'dl###1.qq.com':80
- 'lo#.#tddn.com':80
- wm.###guogeng.com/wm3000/9249.rar
- wm.###guogeng.com/wm3000/2428.rar
- wm.###guogeng.com/wm3000/9054.rar
- wm.###guogeng.com/wm3000/5823.rar
- wm.###guogeng.com/wm3000/8681.rar
- wm.###guogeng.com/wm3000/2600.rar
- wm.###guogeng.com/wm3000/4842.rar
- dl###1.qq.com/invc/tt/QQBrowser_Setup_ExternalForum_15649.exe
- lo#.#tddn.com/UpLog/worklog.asp?Na#############################################
- lo#.#tddn.com/UpLog/worklog.asp?Na##############################################
- wm.###guogeng.com/wm3000/839.rar
- wm.###guogeng.com/wm3000/5893.rar
- lo#.#tddn.com/UpLog/worklog.asp?Na###################################################
- DNS ASK do##.#z-guogeng.com
- DNS ASK wm.###guogeng.com
- DNS ASK do##.dtddn.com
- DNS ASK lo#.#tddn.com
- DNS ASK dl###1.qq.com