Техническая информация
- '<LS_APPDATA>\{CELE61VS-THAF-W10V-ZMC1-K4SEI7XEACP8}\8az76z7g.exe'
- '<LS_APPDATA>\{CELE61VS-THAF-W10V-ZMC1-K4SEI7XEACP8}\5wzuvmuzpkfha.exe'
- '<LS_APPDATA>\Temp\Libzips.exe'
- '<LS_APPDATA>\{CELE61VS-THAF-W10V-ZMC1-K4SEI7XEACP8}\8az76z7g.exe' (загружен из сети Интернет)
- '<LS_APPDATA>\{CELE61VS-THAF-W10V-ZMC1-K4SEI7XEACP8}\5wzuvmuzpkfha.exe' (загружен из сети Интернет)
- '<SYSTEM32>\ipconfig.exe' /renew
- '<SYSTEM32>\ipconfig.exe' /flushdns
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\newhost[1].mid
- <LS_APPDATA>\{CELE61VS-THAF-W10V-ZMC1-K4SEI7XEACP8}\8az76z7g.exe
- <LS_APPDATA>\{CELE61VS-THAF-W10V-ZMC1-K4SEI7XEACP8}\5wzuvmuzpkfha.exe
- <LS_APPDATA>\Temp\Libzips.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\hostnew[1].mid
- 'se######eubebo.noads.biz':80
- 'www.we#########gyn.clientewebhost.com.br':80
- 'www.go###e.com.br':80
- www.we#########gyn.clientewebhost.com.br/newhost.mid
- se######eubebo.noads.biz/membros.php
- www.we#########gyn.clientewebhost.com.br/hostnew.mid
- DNS ASK se######eubebo.noads.biz
- DNS ASK www.we#########gyn.clientewebhost.com.br
- DNS ASK www.go###e.com.br
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'