Техническая информация
- ClassName: 'OLLYDBG', WindowName: ''
- %TEMP%\evb3.tmp
- %TEMP%\evb4.tmp
- %TEMP%\evb5.tmp
- %TEMP%\evb2.tmp
- <Текущая директория>\Ionic.Zip.dll
- <Текущая директория>\log\Error_20171216.log
- 'au##.#inhkiem.us':80
- 'up.##me4you.us':80
- 'localhost':1037
- http://up.##me4you.us/news/
- http://au##.#inhkiem.us/TinhKiemService.aspx
- DNS ASK au##.#inhkiem.us
- DNS ASK up.##me4you.us
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- '<SYSTEM32>\route.exe' delete 125.212.217.76
- '<SYSTEM32>\cmd.exe' /C route delete 125.212.212.4
- '<SYSTEM32>\route.exe' delete 125.212.212.4
- '<SYSTEM32>\cmd.exe' /C route delete 125.212.216.199
- '<SYSTEM32>\route.exe' delete 125.212.216.199
- '<SYSTEM32>\cmd.exe' /C route delete 125.212.217.76