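Техническая информация
Примечание: подзаголовки разделов в этом фрагменте не сохранились; вероятно, поэтому одни и те же пути встречаются в списке несколько раз. Символы «##» в именах доменов, по-видимому, заменяют скрытые в отчёте символы (ср. «b-cn.8800.org» в команде ping и «b-##.8800.org» в DNS-запросе), поэтому при поиске по индикаторам такие строки нельзя сопоставлять буквально.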
- %TEMP%\step$rewer2\winnt32.exe
- %TEMP%\step$rewer2\z.exe
- <SYSTEM32>\ping.exe -n 1 b-cn.8800.org
- <SYSTEM32>\findstr.exe /m /c:"111.111.111.2 www.ba##u.com" "<DRIVERS>\etc\hosts"
- <SYSTEM32>\taskkill.exe /f /im 360sd.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\z.bat""
- <SYSTEM32>\cmd.exe /c ""%TEMP%\win32.bat""
- <SYSTEM32>\ping.exe -n 1 g-cn.8800.org
- %TEMP%\sg.ico
- %TEMP%\gg.ico
- %TEMP%\bd.ico
- %TEMP%\step$rewer2\a.txt
- %TEMP%\exe2.tmp
- %TEMP%\win32.bat
- %TEMP%\z.bat
- %TEMP%\winnt32.exe
- %TEMP%\z.exe
- %TEMP%\step$rewer2\winnt32.exe
- %TEMP%\step$rewer2\z.exe
- %TEMP%\exe1.tmp
- %TEMP%\z.exe
- %TEMP%\winnt32.exe
- %TEMP%\step$rewer2\a.txt
- %TEMP%\step$rewer2\winnt32.exe
- %TEMP%\step$rewer2\z.exe
- %TEMP%\z.bat
- DNS ASK b-##.8800.org
- DNS ASK g-##.8800.org
- '<IP-адрес в локальной сети>':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''