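Техническая информация
(Подзаголовки групп в этом фрагменте, по-видимому, не сохранились: ниже подряд идут пути к файлам, сетевые обращения, классы окон и командные строки запуска. Одна и та же строка с файлом {BB286A5D-EC5B-4DD9-9A82-B822C4ED0C92}.exe встречается дважды и, вероятно, относится к разным группам; назначение каждой записи следует сверять с исходным отчётом.)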
- %WINDIR%\Temp\{BB286A5D-EC5B-4DD9-9A82-B822C4ED0C92}.exe
- %WINDIR%\Temp\Main.exe
- %WINDIR%\Temp\Download.dll
- %WINDIR%\Temp\Execute.dll
- %TEMP%\sidrunet.tid
- %WINDIR%\Temp\{BB286A5D-EC5B-4DD9-9A82-B822C4ED0C92}.exe
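- 'st#.#ndwn.cn':80
- http://st#.#ndwn.cn/log/ver.asp?ID#####
- DNS ASK st#.#ndwn.cn
  (Символы «#» в имени узла и в параметре ID, по-видимому, заменяют знаки, скрытые при публикации. Поэтому при поиске в журналах DNS и прокси эти записи стоит использовать как шаблон — по суффиксу «ndwn.cn» и пути «/log/ver.asp», — а не как точное значение.)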
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- '%WINDIR%\Temp\{BB286A5D-EC5B-4DD9-9A82-B822C4ED0C92}.exe' -p8grfd@# -d"%WINDIR%\Temp\" -s
- '%WINDIR%\Temp\Main.exe'