Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\_bpahdc6_.lnk
- <SYSTEM32>\tasks\_bpahdc6_
- C:\users\public\_bpahdc6_\_bpahdc6_.zip
- C:\users\public\_bpahdc6_\exe.png
- C:\users\public\_bpahdc6_\12.dll
- C:\users\public\b.ar
- C:\users\public\_bpahdc6_\_bpahdc6_1.lns
- %LOCALAPPDATA%\microsoft\forms\frmdata64.dat
- %TEMP%\outlook logging\firstrun.log
- %WINDIR%\inf\outlook\outlperf.h
- %WINDIR%\inf\outlook\0009\outlperf.ini
- C:\users\public\_bpahdc6_\exe.png в C:\users\public\_bpahdc6_\_bpahdc6_.exe
- C:\users\public\_bpahdc6_\12.dll в C:\users\public\_bpahdc6_\_bpahdc6_.lns
- http://an####bo1.myftp.biz/mx/L9m3h0z3t0c6O3oaFYMyEhXO/al/L9m3h0z3t0c6O3oaFYMyEhXO
- http://an####bo1.myftp.biz/mx/L9m3h0z3t0c6O3oaFYMyEhXOMD/al/md.zip
- DNS ASK an####bo1.myftp.biz
- ClassName: 'mspim_wnd32' WindowName: 'Microsoft Outlook'
- ClassName: 'rencat' WindowName: ''
- '%ProgramFiles%\microsoft office\office14\outlook.exe' -Embedding