Техническая информация
- %APPDATA%\troyano.exe
- %TEMP%\DOS ATTACK.exe
- %TEMP%\troyano.exe
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:"%TEMP%\RES2.tmp"" "%TEMP%\CSC1.tmp"
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\csc.exe /noconfig /fullpaths @"%TEMP%\o_deib2w.cmdline"
- %TEMP%\RES2.tmp
- %TEMP%\CSC1.tmp
- %APPDATA%\troyano.exe
- %TEMP%\o_deib2w.dll
- %TEMP%\o_deib2w.out
- %TEMP%\DOS ATTACK.exe
- %TEMP%\troyano.exe
- %TEMP%\o_deib2w.cmdline
- %TEMP%\o_deib2w.0.cs
- %TEMP%\o_deib2w.dll
- %TEMP%\o_deib2w.out
- %TEMP%\o_deib2w.0.cs
- %TEMP%\RES2.tmp
- %TEMP%\CSC1.tmp
- %TEMP%\o_deib2w.cmdline
- 'to#.##ardspace.us':80
- to#.##ardspace.us/div/LOIC_version.php?cv########
- DNS ASK to#.##ardspace.us
- ClassName: 'Shell_TrayWnd' WindowName: ''