Техническая информация
- C:\nvidia\chengxu\yasuo.zip
- C:\nvidia\chengxu\yunxing.exe
- C:\nvidia\chengxu\dzz.vmp.exe
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\caasbycl\navcancl[1]
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\re1n75kr\errorpagetemplate[1]
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\0u8lpyu9\errorpagestrings[1]
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\caasbycl\httperrorpagesscripts[1]
- %WINDIR%\syswow64\administratortestpermissions10041
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\bzjx5bke\background_gradient[2]
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\bzjx5bke\info_48[1]
- <LS_APPDATA>\microsoft\windows\<INETFILES>\content.ie5\0u8lpyu9\bullet[1]
- <DRIVERS>\etc\hosts
- C:\nvidia\chengxu\yasuo.zip
- %WINDIR%\syswow64\administratortestpermissions10041
- DNS ASK m.###521.com
- DNS ASK xu#.##login2.qq.com
- DNS ASK rj.##bssb.com
- DNS ASK ad#.##aoman-jf.com
- ClassName: '' WindowName: 'TslGame.exe'
- ClassName: '' WindowName: 'TslGame_BE.exe'
- ClassName: '' WindowName: 'dzz.vmp.exe'
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- 'C:\nvidia\chengxu\yunxing.exe'
- 'C:\nvidia\chengxu\dzz.vmp.exe'
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c echo t><SYSTEM32>\administratortestpermissions10041 (со скрытым окном)
- '%WINDIR%\syswow64\ipconfig.exe' /flushdns
- '%WINDIR%\syswow64\cmd.exe' /c echo t><SYSTEM32>\administratortestpermissions10041