Техническая информация
- '<SYSTEM32>\tskill.exe' teatimer
- '<SYSTEM32>\cmd.exe' /c <SYSTEM32>\WINsystem32.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\whatismyip[1]
- <SYSTEM32>\WINsystem32.bat
- <SYSTEM32>\WinKernel32.exe
- 'www.wh###smyip.org':80
- 'localhost':1035
- www.wh###smyip.org/
- DNS ASK www.wh###smyip.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'