Техническая информация
- '%WINDIR%\Hesliu.exe' (загружен из сети Интернет)
- '<SYSTEM32>\taskkill.exe' /im 360rp.exe /f
- '%WINDIR%\Hesliu.exe'
- '<SYSTEM32>\taskkill.exe' /im 360sd.exe /f
- '<SYSTEM32>\cmd.exe' /c taskkill /im 360sd.exe /f
- '<SYSTEM32>\cmd.exe' /c taskkill /im 360rp.exe /f
- %WINDIR%\Hesliu.exe
- %TEMP%\~DF9610.tmp
- %TEMP%\~DF9610.tmp
- 'xp###.3322.org':80
- 'localhost':1037
- http://xp###.3322.org/dy/wanm/wg46.exe
- DNS ASK xp###.3322.org
- ClassName: '' WindowName: ''