Техническая информация
- <SYSTEM32>\ping.exe -n 1 localhost
- <SYSTEM32>\cmd.exe /c """%TEMP%\d.bat"" "
- <SYSTEM32>\wscript.exe ""%TEMP%\b.vbs""
- %TEMP%\d.bat
- %TEMP%\ua54.html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\redirect[1].php
- %TEMP%\b.vbs
- %TEMP%\nsk2.tmp
- %TEMP%\burl.txt
- %TEMP%\stub.exe
- %TEMP%\ua54.html
- %TEMP%\burl.txt
- 'wo######-anime-videos.com':80
- 'localhost':1037
- wo######-anime-videos.com/redirect.php
- DNS ASK wo######-anime-videos.com
- ClassName: '#32770' WindowName: 'Setup Complete'
- ClassName: '#32770' WindowName: 'Installing...'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '#32770' WindowName: 'Welcome'
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '#32770' WindowName: 'File Download - Security Warning'