Техническая информация
- Диспетчера задач (Taskmgr)
- '<SYSTEM32>\wscript.exe' "%TEMP%\delay.vbs"
- '<SYSTEM32>\cmd.exe' /c c:\Del.bat
- %TEMP%\delay.vbs
- C:\Del.bat
- %TEMP%\delay.vbs
- 'xi#######aaaaaaaaaa.qiniudn.com':80
- xi#######aaaaaaaaaa.qiniudn.com/%E7%99%BE%E5%BA%A6%E4%B8%80%E9%94%AE%E8%A3%85%E6%9C%BA.exe
- xi#######aaaaaaaaaa.qiniudn.com/%E7%99%BE%E5%BA%A6%E4%B8%80%E9%94%AE%E8%A3%85%E6%9C%BA.zip
- xi#######aaaaaaaaaa.qiniudn.com/%E4%BD%BF%E7%94%A8%E8%AF%B4%E6%98%8E-%E5%AE%89%E8%A3%85%E5%89%8D%E5%BF%85%E8%AF%BB.txt
- DNS ASK xi#######aaaaaaaaaa.qiniudn.com