Техническая информация
- %TEMP%\SDO1.tmp
- %TEMP%\SDO1.tmp (загружен из сети Интернет)
- %TEMP%\SDO1.tmp
- <LS_APPDATA>\SNDAService\id.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\sdsvc_Win32_Setup[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\config[1].ini
- <LS_APPDATA>\SNDAService\Config.ini
- 'www.xi###hencc.com':80
- 'www.ku##zip.com':80
- www.xi###hencc.com/m/sdsvc_Win32_Setup.exe
- www.xi###hencc.com/updatecll/config.ini
- www.ku##zip.com/down/show.txt
- www.xi###hencc.com/act_001.php
- www.xi###hencc.com/act_002.php
- DNS ASK www.xi###hencc.com
- DNS ASK www.ku##zip.com
- ClassName: 'Shell_TrayWnd' WindowName: ''