Техническая информация
- %TEMP%\WinPro_WP104.exe
- %APPDATA%\temp\WinPro_DOWNMEMORY.exe
- %APPDATA%\temp\winpro1.exe
- %TEMP%\WinPro_WP104.exe (загружен из сети Интернет)
- %WINDIR%\explorer.exe
- %TEMP%\nsg8.tmp\UAC.dll
- %TEMP%\nsz6.tmp\nsCmds.dll
- %TEMP%\nsz6.tmp\nsCommands3.dll
- %TEMP%\nsg8.tmp\SelfDel.dll
- %TEMP%\WinPro_WP104.exe
- %TEMP%\nsg8.tmp\NSISdl.dll
- %TEMP%\nsq3.tmp\nsCommands3.dll
- %APPDATA%\temp\winpro1.exe
- %TEMP%\nsv2.tmp
- %APPDATA%\temp\WinPro_DOWNMEMORY.exe
- %TEMP%\nsu5.tmp
- %TEMP%\nsq3.tmp\nsCmds.dll
- %TEMP%\nsg8.tmp\SelfDel.dll
- %TEMP%\nsg8.tmp\NSISdl.dll
- %APPDATA%\temp\WinPro_DOWNMEMORY.exe
- %TEMP%\nsg8.tmp\UAC.dll
- %APPDATA%\temp\winpro1.exe
- %TEMP%\nsq3.tmp\nsCommands3.dll
- %TEMP%\nsq3.tmp\nsCmds.dll
- %TEMP%\nsz6.tmp\nsCommands3.dll
- %TEMP%\nsz6.tmp\nsCmds.dll
- 'fi##.#ideon.co.kr':80
- fi##.#ideon.co.kr/dst/WinPro_WP104.exe
- DNS ASK fi##.#ideon.co.kr