Техническая информация
- '<SYSTEM32>\Sock32.dll'
- %PROGRAM_FILES%\GIlee6\Run.zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\coolbadman[1].zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\coolbadman[1].zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\coolbadman[1].zip
- <SYSTEM32>\Sock32.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\coolbadman[1].ini
- %PROGRAM_FILES%\GIlee6\log.dat
- %PROGRAM_FILES%\GIlee6\Run.zip
- %PROGRAM_FILES%\GIlee6\log.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\coolbadman[1].zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\coolbadman[1].zip
- %PROGRAM_FILES%\GIlee6\Run.zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\coolbadman[1].zip
- 'in#.#88b.com':80
- 'in#.#gkj.com':80
- '60.##0.154.142':9048
- '12#.#14.148.28':9408
- '12#.#26.129.188':9048
- in#.#gkj.com/soft/58wangwei/coolbadman.zip
- in#.#88b.com/soft/58wangwei/coolbadman.zip
- in#.#88b.com/58wangwei/coolbadman.ini
- DNS ASK in#.#gkj.com
- DNS ASK in#.#88b.com