Техническая информация
- %TEMP%\app_32.exe
- %TEMP%\tmpapp.exe "%TEMP%\tmpdata.html"
- <SYSTEM32>\ping.exe -n 10 127.0.0.1
- <SYSTEM32>\ping.exe -n 3 127.0.0.1
- <SYSTEM32>\cmd.exe /c %TEMP%\tmpcmd.bat
- [<HKCU>\Software\Paltalk]
- %TEMP%\app_32.exe
- %TEMP%\tmpdata.html
- %TEMP%\tmpapp.exe
- %TEMP%\tmpcmd.bat
- %TEMP%\tmpdata.html
- %TEMP%\tmpcmd.bat
- %TEMP%\tmpapp.exe
- %TEMP%\app_32.exe
- 'au######on.whatismyip.com':80
- 'wp#d':80
- au######on.whatismyip.com/n09230945.asp
- wp#d/wpad.dat
- DNS ASK au######on.whatismyip.com
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''