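Техническая информация
Примечание: символы «#» в адресах, доменных именах и параметрах запросов ниже, по-видимому, заменяют скрытые символы, поэтому записи подходят для сопоставления по шаблону, но не для точного совпадения в правилах обнаружения и списках блокировки. Заголовки групп списка в этой копии отсутствуют; повторяющиеся пути файлов, вероятно, относятся к разным группам исходного отчёта.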
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://ww########.crest-approved.org?bc######
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://46.###.73.45?bc######
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://ww########.#rest-approved.org:8080?bc######
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://46.###.#3.45:8080?bc######
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://ww########.#rest-approved.org:53?bc######
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://46.###.#3.45:53?bc######
- %TEMP%\7ZipSfx.000\batch-test.zip
- %TEMP%\7ZipSfx.000\batchfile.bat
- %TEMP%\7ZipSfx.000\batch-test.exe
- %TEMP%\7ZipSfx.000\batch-test.exe
- %TEMP%\7ZipSfx.000\batch-test.zip
- %TEMP%\7ZipSfx.000\batchfile.bat
- 'localhost':1037
- 'localhost':1038
- 'localhost':1039
- '46.##2.73.45':80
- 'localhost':1041
- 'localhost':1043
- 'localhost':1044
- '46.##2.73.45':8080
- '46.##2.73.45':53
- 'ww#######t.crest-approved.org':80
- 'ww#######t.crest-approved.org':8080
- 'ww#######t.crest-approved.org':53
- http://46.##2.73.45/?bc######
- http://ww#######t.crest-approved.org/?bc######
- DNS ASK ww#######t.crest-approved.org
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7ZipSfx.000\batchfile.bat" "