Техническая информация
- %TEMP%\f1ee.tmp\batchfile.bat
- %TEMP%\selfdel0.bat
- %TEMP%\f1ee.tmp\batchfile.bat
- 're#####es.blogblog.com':443
- http://do#######software.blogspot.com/
- http://fo###.#oogleapis.com/css?fa##################
- http://www.google.com/css/maia.css
- http://fo###.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuht.eot
- http://fo###.gstatic.com/s/materialiconsextended/v50/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvN.eot
- DNS ASK do#######software.blogspot.com
- DNS ASK bl##ger.com
- DNS ASK fo###.#oogleapis.com
- DNS ASK google.com
- DNS ASK fo###.gstatic.com
- DNS ASK go#####analytics.com
- DNS ASK re#####es.blogblog.com
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\selfdel0.bat" "' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\F1EE.tmp\batchfile.bat" "
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\selfdel0.bat" "