Техническая информация
- %TEMP%\epicbot_520.exe /wrapper /dir="%TEMP%\pkg_13112d2e0" /pproc="<Имя вируса>.exe"
- %TEMP%\Crypted.exe
- %TEMP%\epicbot_520.exe
- %TEMP%\pkg_13112d2e0\timings.txt
- %TEMP%\pkg_13112d2e0\autorun.txt
- %TEMP%\pkg_13112d2e0\detectionrules.dat
- %TEMP%\pkg_13112d2e0\epicbot_520.log
- %TEMP%\Crypted.exe
- %TEMP%\epicbot_520.exe
- %TEMP%\pkg_13112d2e0\wrapper.xml
- %TEMP%\pkg_13112d2e0\stub.log
- 'dl.###talliq.com':80
- 'localhost':1035
- dl.###talliq.com/api/detectionrequest.aspx?ke#####################################
- DNS ASK dl.###talliq.com
- ClassName: 'Shell_TrayWnd' WindowName: ''