Техническая информация
- <LS_APPDATA>\{YA7CKH7I-B0N5-WHS7-G75B-0QSF4Y2IXER1}\4gr90p18.exe
- <LS_APPDATA>\{YA7CKH7I-B0N5-WHS7-G75B-0QSF4Y2IXER1}\vv2r3kbm50ge5.exe
- <LS_APPDATA>\Temp\Libzips.exe
- <LS_APPDATA>\{YA7CKH7I-B0N5-WHS7-G75B-0QSF4Y2IXER1}\4gr90p18.exe (загружен из сети Интернет)
- <LS_APPDATA>\{YA7CKH7I-B0N5-WHS7-G75B-0QSF4Y2IXER1}\vv2r3kbm50ge5.exe (загружен из сети Интернет)
- <SYSTEM32>\ipconfig.exe /renew
- <SYSTEM32>\ipconfig.exe /flushdns
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\captudo[1].mid
- <LS_APPDATA>\{YA7CKH7I-B0N5-WHS7-G75B-0QSF4Y2IXER1}\4gr90p18.exe
- <LS_APPDATA>\{YA7CKH7I-B0N5-WHS7-G75B-0QSF4Y2IXER1}\vv2r3kbm50ge5.exe
- <LS_APPDATA>\Temp\Libzips.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\PrjAlfa[1].mid
- 'me#####li.freeoda.com':80
- 're########sjun.web166.f1.k8.com.br':80
- 'www.go###e.com.br':80
- re########sjun.web166.f1.k8.com.br/captudo.mid
- me#####li.freeoda.com/membros.php
- re########sjun.web166.f1.k8.com.br/PrjAlfa.mid
- DNS ASK me#####li.freeoda.com
- DNS ASK re########sjun.web166.f1.k8.com.br
- DNS ASK www.go###e.com.br
- ClassName: 'Shell_TrayWnd' WindowName: ''