Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Plugin.exe
- '<SYSTEM32>\ping.exe' google.com -n 1 and Settings\%USERNAME%\Application Data\ClientBotnet\MicroSoft\1.0.0.0\p.b
- '<SYSTEM32>\cmd.exe' /c ping google.com -n 1 > %APPDATA%\ClientBotnet\MicroSoft\1.0.0.0\p.b
- C:\Documents
- 'ip##i.co':443
- '6t#n.be':5403
- 'wp#d':80
- 'mo###.#utils-rezo.info':80
- http://mo###.#utils-rezo.info/text
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK ip##i.co
- DNS ASK 6t#n.be
- DNS ASK mo###.#utils-rezo.info
- DNS ASK google.com
- DNS ASK wp#d