Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows User-interface core2' = '%WINDIR%\Temp\system32.exe'
- %WINDIR%\Temp\system32.exe
- %WINDIR%\Temp\A.tmp
- %WINDIR%\Temp\Mine2.txt
- %WINDIR%\Temp\system32.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Mine2[1].txt
- %WINDIR%\Temp\Mine2.txt
- %WINDIR%\Temp\system32.exe
- %WINDIR%\Temp\A.tmp
- %WINDIR%\Temp\system32.exe
- 'ma##.#avabit.com':25
- 'my#####olcenter.20m.com':80
- 'localhost':1035
- my#####olcenter.20m.com/Mine2.txt
- DNS ASK ma##.#avabit.com
- DNS ASK my#####olcenter.20m.com