Техническая информация
- %APPDATA%\microsoft\windows\start menu\programs\startup\windows host management.lnk
- %APPDATA%\microsoft\windows\start menu\programs\startup\microsoft agent system.lnk
- %TEMP%\tmpcd5f.tmp.vbs
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
- %APPDATA%\agentx.dll
- %APPDATA%\microsoft agent system\microsoft agent system.exe
- %TEMP%\tmp7b91.tmp.vbs
- %APPDATA%\hostx.dll
- %APPDATA%\windows host management\windows host management.exe
- %TEMP%\tmpcd5f.tmp.vbs
- %TEMP%\tmp7b91.tmp.vbs
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK vi###soft.ir
- '<SYSTEM32>\wscript.exe' "%TEMP%\tmpCD5F.tmp.vbs"
- '%APPDATA%\microsoft agent system\microsoft agent system.exe'
- '<SYSTEM32>\wscript.exe' "%TEMP%\tmp7B91.tmp.vbs"
- '%APPDATA%\windows host management\windows host management.exe'
- '%APPDATA%\microsoft agent system\microsoft agent system.exe' ' (со скрытым окном)
- '%APPDATA%\windows host management\windows host management.exe' ' (со скрытым окном)