Техническая информация
- <SYSTEM32>\winlogon.exe
- <SYSTEM32>\hplist.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\d[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\h[1].php
- <SYSTEM32>\mn_hp.dll
- <SYSTEM32>\mn_mon.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\h[1].php
- 'c3.##ooker.net':80
- c3.##ooker.net/h.php
- c3.##ooker.net/d.php
- DNS ASK c3.##ooker.net