Техническая информация
- %HOMEPATH%\Start Menu\Programlar\Baюlangэз\ProKoxp.exe
- %HOMEPATH%\Start Menu\Programlar\Baюlangэз\IEXPLORE.EXE
- %HOMEPATH%\Start Menu\Programlar\Baюlangэз\lsass.exe
- %HOMEPATH%\Start Menu\Programlar\Baюlangэз\ProKoxp.exe
- %HOMEPATH%\Start Menu\Programlar\Baюlangэз\dinput8.dll
- %HOMEPATH%\Start Menu\Programlar\Baюlangэз\AttackSettings.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\ip[1].asp
- <SYSTEM32>\zlib.dll
- <SYSTEM32>\MSWINSCK.OCX
- %HOMEPATH%\Start Menu\Programlar\Baюlangэз\IEXPLORE.EXE
- %TEMP%\ProKoxp.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %HOMEPATH%\Start Menu\Programlar\Baюlangэз\lsass.exe
- %TEMP%\Uninstall.ini
- %TEMP%\Uninstall.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- 'any':445
- 'ir#.#hoopa.net':6667
- '78.##5.209.100':200
- 'any':444
- 'ir#.dal.net':6667
- 'localhost':1038
- 'www.mi###osoft.com':80
- www.mi###osoft.com/ip.asp
- DNS ASK ir#.#hoopa.net
- DNS ASK www.mi###osoft.com
- DNS ASK ir#.dal.net
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''