Техническая информация
- '%TEMP%\mGLgSsQwH.exe' x CxzUlLkZy.zip -pA10203040 -y
- '' (загружен из сети Интернет)
- '<SYSTEM32>\cmd.exe' /k c: & cd\ & cd %HOMEPATH%\Local Settings\Temp & mGLgSsQwH.exe x CxzUlLkZy.zip -pA10203040 -y & exit
- %TEMP%\CxzUlLkZy.zip
- %TEMP%\mGLgSsQwH.exe
- 'ja#####noborges.com.br':80
- 'el#####tes132.com.br':80
- http://ja#####noborges.com.br/vimonds/cristal1.txt
- http://el#####tes132.com.br/cascavel/pr.jpg
- DNS ASK ja#####noborges.com.br
- DNS ASK el#####tes132.com.br