Техническая информация
- '<SYSTEM32>\wscript.exe' "C:\java.js"
- 'C:\7za.exe' (загружен из сети Интернет)
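- 'C:\7za.exe' x \updater1310.zip -ptrabalhonovo2016 -o\ (команда 7-Zip «x» — распаковка архива; ключ -p задаёт пароль архива, ключ -o — каталог назначения)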
- '%TEMP%\jds132500.tmp\java.exe'
- 'C:\java.exe'
- C:\7za.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\7za[1].exe
- C:\updater1310.zip
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\U98D4X8H\novoTrabalho[1].zip
- C:\java.js
- C:\java.exe
- %TEMP%\jds132500.tmp\jds132593.tmp
- %TEMP%\jusched.log
- из %TEMP%\jds132500.tmp\jds132593.tmp в %TEMP%\jds132500.tmp\java.exe
- 'fr#####nloads2016.com':80
- 'localhost':1037
- http://fr#####nloads2016.com/trabalhando1310/novoTrabalho.zip
- http://fr#####nloads2016.com/trabalhando1310/7za.exe
- DNS ASK fr#####nloads2016.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''