Техническая информация
- %TEMP%\SPOON\CACHE\0x5614AA7D22EA5672\STUBEXE\0xA7F9B74D98827232\notepad.exe
- %TEMP%\SPOON\CACHE\0x5614AA7D22EA5672\STUBEXE\0x05917096C5FBDCEA\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %TEMP%\GAI 1.JPG
- %TEMP%\SPOON\CACHE\0x5614AA7D22EA5672\STUBEXE\0x0996015B6DE56BA9\hef.exe
- %TEMP%\GAI 1.JPG
- <LS_APPDATA>\Spoon\Sandbox\Photo Viewer\1.0.0.0\XSandbox.bin.__tmp__
- %TEMP%\SPOON\CACHE\0x5614AA7D22EA5672\STUBEXE\0x05917096C5FBDCEA\rundll32.exe.__tmp__ в %TEMP%\SPOON\CACHE\0x5614AA7D22EA5672\STUBEXE\0x05917096C5FBDCEA\rundll32.exe
- %TEMP%\SPOON\CACHE\0x5614AA7D22EA5672\STUBEXE\0xA7F9B74D98827232\notepad.exe.__tmp__ в %TEMP%\SPOON\CACHE\0x5614AA7D22EA5672\STUBEXE\0xA7F9B74D98827232\notepad.exe
- <LS_APPDATA>\Spoon\Sandbox\Photo Viewer\1.0.0.0\XSandbox.bin.__tmp__ в <LS_APPDATA>\Spoon\Sandbox\Photo Viewer\1.0.0.0\XSandbox.bin
- %TEMP%\SPOON\CACHE\0x5614AA7D22EA5672\STUBEXE\0x0996015B6DE56BA9\hef.exe.__tmp__ в %TEMP%\SPOON\CACHE\0x5614AA7D22EA5672\STUBEXE\0x0996015B6DE56BA9\hef.exe
- 'he####die.no-ip.org':8888
- 'st###.spoon.net':443
- DNS ASK he####die.no-ip.org
- DNS ASK st###.spoon.net
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '#32770' WindowName: 'GAI 1 - Windows Picture and Fax Viewer'
- ClassName: '#32770' WindowName: 'Program Manager'
- ClassName: '#32770' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''