Техническая информация
- <SYSTEM32>\tasks\home http service
- <SYSTEM32>\svchost.exe
- %PROGRAMDATA%\حلرائوشخ.exe
- %APPDATA%\httpservice\حلرائوشخ.exe
- %APPDATA%\httpservice\settings.ini
- %WINDIR%\temp\cab1049.tmp
- %WINDIR%\temp\tar104a.tmp
- %WINDIR%\temp\cab107a.tmp
- %WINDIR%\temp\tar107b.tmp
- %WINDIR%\temp\cab2646.tmp
- %WINDIR%\temp\tar2647.tmp
- %WINDIR%\temp\cab1049.tmp
- %WINDIR%\temp\tar104a.tmp
- %WINDIR%\temp\cab107a.tmp
- %WINDIR%\temp\tar107b.tmp
- %WINDIR%\temp\cab2646.tmp
- %WINDIR%\temp\tar2647.tmp
- http://ic###azip.com/
- DNS ASK ic###azip.com
- '%PROGRAMDATA%\حلرائوشخ.exe'
- '%APPDATA%\httpservice\حلرائوشخ.exe'
- '%PROGRAMDATA%\حلرائوشخ.exe' (со скрытым окном)
- '<SYSTEM32>\svchost.exe' (со скрытым окном)
- '%APPDATA%\httpservice\حلرائوشخ.exe' (со скрытым окном)
- '<SYSTEM32>\svchost.exe'