Техническая информация
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].aspx
- %HOMEPATH%\Desktop\模拟炒股现金奖励.lnk
- %HOMEPATH%\Desktop\汇智易投龙虎榜+.lnk
- файл вируса: из <Полный путь к вирусу> в <Текущая директория>\cdgvc.lhb.tdx.vip.exe
- 'cd####.vipsinaapp.com':80
- 'www.wi##45.com':80
- 'localhost':1039
- http://cd####.vipsinaapp.com/ver.php
- http://cd####.vipsinaapp.com/pan.php
- http://www.wi##45.com/index.aspx?fr##############
- DNS ASK cd####.vipsinaapp.com
- DNS ASK www.wi##45.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''