Техническая информация
- '%APPDATA%\ypn\chp.exe' "%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE" http://5.##.176.225/transport/controls_clue_flight-trust.php
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://5.##.176.225/transport/controls_clue_flight-trust.php
- '<SYSTEM32>\cmd.exe' /c ""%APPDATA%\ypn\bat.bat" "
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\controls_clue_flight-trust[1].php
- %APPDATA%\ypn\chp.exe
- %APPDATA%\ypn\bat.bat
- '5.##.176.225':80
- 'localhost':1036
- 5.##.176.225/transport/controls_clue_flight-trust.php
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'