Техническая информация
- '<SYSTEM32>\sdkmon.exe'
- '<SYSTEM32>\dnfxxvip.exe'
- '<SYSTEM32>\1.exe'
- '<SYSTEM32>\wscript.exe' "<SYSTEM32>\1.vbs"
- <SYSTEM32>\dnfxxvip.exe
- <SYSTEM32>\sdkmon.exe
- <SYSTEM32>\1.exe
- <SYSTEM32>\1.vbs
- <SYSTEM32>\sdkmon.exe в %TEMP%\tmp2.tmp.mdk
- <SYSTEM32>\1.exe в %TEMP%\tmp1.tmp.mdk
- 's3.###xiaoxiao.com':80
- 'localhost':1037
- s3.###xiaoxiao.com/
- DNS ASK s3.###xiaoxiao.com
- ClassName: '#32770' WindowName: '??????'
- ClassName: 'TWINCONTROL' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: '' WindowName: '??????'
- ClassName: 'TWINCONTROL' WindowName: '??????'