Техническая информация
- '%TEMP%\Security.exe' (загружен из сети Интернет)
- '%TEMP%\Security.exe'
- '%HOMEPATH%\Local Settings\TempNajaf.exe'
- %TEMP%\Security.exe
- %HOMEPATH%\Local Settings\TempNajaf.exe
- 'www.ml##.org':80
- 'wp#d':80
- http://www.ml##.org/up/201306/files/2be5d6cdbad4b1.exe
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK www.ml##.org
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''