Техническая информация
- %TEMP%\ggsetup.exe hideinstall
- %TEMP%\ggsetup.exe (загружен из сети Интернет)
- %TEMP%\ggsetup.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ggsetup[1].php
- 'localhost':1038
- 'wt.##safe.com':80
- 'bb#.#gsafe.com':80
- wt.##safe.com/download/ggsetup.php?ch############################
- DNS ASK wt.##safe.com
- DNS ASK bb#.#gsafe.com
- ClassName: 'Shell_TrayWnd' WindowName: ''