Техническая информация
- <SYSTEM32>\ntvdm.exe -f -i1 -w -a <SYSTEM32>\krnl386.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- %TEMP%\esheep.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- 'ho###2.h16.ru':21
- DNS ASK ho###2.h16.ru
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ScreenMatePoo' WindowName: 'Screen Mate'
- ClassName: 'WOWFaxClass' WindowName: ''