Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\ns2.exe
- %HOMEPATH%\Start Menu\Programs\Startup\ns1.exe
- %TEMP%\nsd3.tmp\ns4.tmp net stop WSCSVC
- <SYSTEM32>\net1.exe stop WSCSVC
- <SYSTEM32>\net.exe stop WSCSVC
- %TEMP%\nsd3.tmp\ns4.tmp
- %TEMP%\nsd3.tmp\NSISdl.dll
- %TEMP%\nsn2.tmp
- %TEMP%\nsd3.tmp\nsExec.dll
- %TEMP%\nsd3.tmp\ns4.tmp
- 'fr####service.cn':80
- fr####service.cn/whois/ns2.exe
- fr####service.cn/whois/ns1.exe
- DNS ASK fr####service.cn