Техническая информация
- '' (загружен из сети Интернет)
- %TEMP%\d42o33zsM.tmp\1.exe
- %TEMP%\d42o33zsM.tmp\2.exe
- %TEMP%\d42o33zsM.tmp\3.exe
- %TEMP%\d42o33zsM.tmp\4.exe
- 'wp#d':80
- 'bo#.####ismyipaddress.com':80
- 'mi###on.5v.pl':80
- http://11#.#11.111.1/wpad.dat via wp#d
- http://bo#.####ismyipaddress.com/
- http://www.mi###on.5v.pl/1.exe via mi###on.5v.pl
- http://www.mi###on.5v.pl/2.exe via mi###on.5v.pl
- http://www.mi###on.5v.pl/3.exe via mi###on.5v.pl
- http://www.mi###on.5v.pl/4.exe via mi###on.5v.pl
- DNS ASK wp#d
- DNS ASK bo#.####ismyipaddress.com
- DNS ASK www.mi###on.5v.pl
- '%TEMP%\d42o33zsM.tmp\1.exe' /stext 1.txt
- '%TEMP%\d42o33zsM.tmp\3.exe' /stext 3.txt
- '%TEMP%\d42o33zsM.tmp\2.exe' /stext 2.txt
- '%TEMP%\d42o33zsM.tmp\4.exe' /stext 4.txt
- '<SYSTEM32>\cmd.exe' /k cd %temp%/d42o33zsM.tmp/ & 1.exe /stext 1.txt&exit
- '<SYSTEM32>\cmd.exe' /k cd %temp%/d42o33zsM.tmp/ & 2.exe /stext 2.txt&exit
- '<SYSTEM32>\cmd.exe' /k cd %temp%/d42o33zsM.tmp/ & 3.exe /stext 3.txt&exit
- '<SYSTEM32>\cmd.exe' /k cd %temp%/d42o33zsM.tmp/ & 4.exe /stext 4.txt&exit