Техническая информация
- '' (загружен из сети Интернет)
- %APPDATA%\Microsoft\Media Player\regems.exe
- %APPDATA%\Microsoft\Media Player\VBS.vbs
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\cpu32[1].exe
- %APPDATA%\Microsoft\Media Player\winmsk.exe
- <Полный путь к файлу>
- %APPDATA%\Microsoft\Media Player\regems.exe
- %APPDATA%\Microsoft\Media Player\VBS.vbs
- 'm.##wwa.com':9566
- 'ma#.#wwwa.com':80
- '10#.#5.14.210':9566
- http://ma#.#wwwa.com/rem.txt
- http://ma#.#wwwa.com/cpu32.exe
- DNS ASK m.##wwa.com
- DNS ASK ma#.#wwwa.com
- '%APPDATA%\Microsoft\Media Player\regems.exe'
- '%APPDATA%\Microsoft\Media Player\winmsk.exe' --donate-level 1 --max-cpu-usage 75 -o xmr.f2pool.com:13531 -u 45tmqarahf2JecfqMX8yEuiWv1VrwZpWzcFccXqMxzAsdsW8cNtaWWiCDVvAZf57jxS64fp2j7oCrKHcK9siKYYFErPJ56f.0803a -p x -k
- '<SYSTEM32>\cmd.exe' /c ping 1.1.1.1 -n 1 -w 1000 & start C:\"Documents and Settings"\%USERNAME%\"Application Data"\Microsoft\"Media Player"\regems.exe
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 1000
- '<SYSTEM32>\wscript.exe' "%APPDATA%\Microsoft\Media Player\VBS.vbs"
- '<SYSTEM32>\cmd.exe' /c winmsk.exe --donate-level 1 --max-cpu-usage 75 -o xmr.f2pool.com:13531 -u 45tmqarahf2JecfqMX8yEuiWv1VrwZpWzcFccXqMxzAsdsW8cNtaWWiCDVvAZf57jxS64fp2j7oCrKHcK9siKYYFErPJ56f.0803a -p x -k ...