Техническая информация
- %TEMP%\misdbovmpvsfokvie.exe
- %TEMP%\del23166.bat
- <DRIVERS>\vscvkviewnsfthew.sys
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mouve[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mouve[1].gif
- 'ba####.cyad.co.kr':80
- ba####.cyad.co.kr/mouve.gif
- DNS ASK ba####.cyad.co.kr