Техническая информация
- <SYSTEM32>\ntvdm.exe
- %TEMP%\17e7.exe
- %WINDIR%\temp\scs1.tmp
- %WINDIR%\temp\scs2.tmp
- %WINDIR%\temp\scs1.tmp
- %WINDIR%\temp\scs2.tmp
- http://13.#5.76.78/hqmb/nana.exe (символ «#» в IP-адресе, по-видимому, маскирует одну цифру; полный адрес на странице не приведён)
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-ee8.eec.360001'
- '<SYSTEM32>\ntvdm.exe' -f -i1