Техническая информация
- '<LS_APPDATA>\local.exe'
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\update2013[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\update2013[1].php
- <LS_APPDATA>\local.exe
- <Текущая директория>\<Имя вируса>\Korea Economic Trends_Weekly Insight_111113.pdf
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\update2013[1].php
- 'localhost':1039
- 'w.###gov.net':80
- 'localhost':1036
- w.###gov.net/1113d/update2013.php
- DNS ASK w.###gov.net
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'