Техническая информация
- %TEMP%\DataUploader.exe
- %TEMP%\lxwlyp.exe
- <SYSTEM32>\ping.exe 127.0.0.1 -n 10
- <SYSTEM32>\setup.exe
- <SYSTEM32>\ntvdm.exe -f -i1
- <SYSTEM32>\ftp.exe -s:cmd.txt
- %WINDIR%\Temp\scs5.tmp
- %WINDIR%\Temp\scs4.tmp
- %TEMP%\CMD.TXT
- %TEMP%\nsb2.tmp\configuration.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\9[1].php
- %TEMP%\nsb2.tmp\System.dll
- %TEMP%\lxwlyp.exe
- %TEMP%\DataUploader.exe
- %TEMP%\nsb2.tmp\inetc.dll
- %TEMP%\ёьРВ.EXE
- %TEMP%\nsb2.tmp\configuration.ini
- %TEMP%\nsb2.tmp\inetc.dll
- %TEMP%\nsb2.tmp\System.dll
- %WINDIR%\Temp\scs4.tmp
- %WINDIR%\Temp\scs5.tmp
- %TEMP%\CMD.TXT
- 'localhost':1041
- 'fh###3.3322.org':21
- 'www.le###odata.com':80
- 'www.pp##.com':80
- 'localhost':1039
- www.le###odata.com/client/update/Update.xml
- www.pp##.com/9.php?sa###
- DNS ASK www.le###odata.com
- DNS ASK fh###3.3322.org
- DNS ASK www.pp##.com
- DNS ASK www.pp##.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-9d8.9dc.370001'