Техническая информация
- '<SYSTEM32>\wscript.exe' "C:\Proxy.vbs"
- '<SYSTEM32>\cmd.exe' /c C:\Start.bat
- C:\Conf.txt
- <DRIVERS>\etc\hostsj
- C:\Proxy.vbs
- C:\Start.bat
- C:\Start.bat
- C:\Proxy.vbs
- <DRIVERS>\etc\hosts
- 'ar#####bcasas.kilu.biz':80
- 'ws###s.kilu.biz':80
- 'localhost':1038
- ar#####bcasas.kilu.biz/noti.php?pc#############
- ws###s.kilu.biz/eul.txt
- DNS ASK ar#####bcasas.kilu.biz
- DNS ASK ws###s.kilu.biz
- ClassName: 'MS_WINHELP' WindowName: ''