Техническая информация
- '%TEMP%\Off 80YmYRT9a190ZMe\310714_br.exe'
- '%TEMP%\Off 80YmYRT9a190ZMe\271014_nj.exe'
- '%TEMP%\Off 80YmYRT9a190ZMe\310714_o.exe'
- '%TEMP%\Off 80YmYRT9a190ZMe\271014_nj.exe' (загружен из сети Интернет)
- '%TEMP%\Off 80YmYRT9a190ZMe\310714_o.exe' (загружен из сети Интернет)
- '%TEMP%\Off 80YmYRT9a190ZMe\310714_br.exe' (загружен из сети Интернет)
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\23BUYPX5\271014_nj[1]
- %TEMP%\Off 80YmYRT9a190ZMe\310714_br.exe
- %TEMP%\Off 80YmYRT9a190ZMe\271014_nj.exe
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\3U23MFC9\8HiaohS9X[1]
- %TEMP%\nsuC13E.tmp\nsWeb.dll
- %TEMP%\nsuC13E.tmp\inetc.dll
- %TEMP%\nseC0DF.tmp
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIF7DGLM\310714_o[1].exe
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEWNTWLX\310714_br[1]
- %TEMP%\Off 80YmYRT9a190ZMe\310714_o.exe
- 'www.no##ake.me':80
- 'www.2n###quest.me':80
- 'www.fi##treq.me':80
- www.2n###quest.me/310714d/271014_nj.exe?rn#######
- www.no##ake.me/8HiaohS9X
- www.fi##treq.me/310714d/310714_o.exe
- www.2n###quest.me/310714d/310714_br.exe?rn#######
- DNS ASK www.no##ake.me
- DNS ASK www.2n###quest.me
- DNS ASK www.fi##treq.me
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''