Technical information
- '<SYSTEM32>\ntvdm.exe' -i1
- %APPDATA%\vbc.exe
- http://ba###rvices.com/stub.exe
- http://ba###rvices.com/cgi-sys/suspendedpage.cgi
- DNS ASK ba###rvices.com
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-984.968.c0'
- '%CommonProgramFiles%\microsoft shared\equation\eqnedt32.exe' -Embedding