Техническая информация
- <SYSTEM32>\ytwefddv3w.exe
- <SYSTEM32>\ytwefddv3w.exe (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ggoeniebt[1].exe
- <SYSTEM32>\ytwefddv3w.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\trichofile[1].ini
- <SYSTEM32>\jtrtfvtw1.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ggoeniebt[1].exe
- <SYSTEM32>\jtrtfvtw1.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\trichofile[1].ini
- 're####andsite.com':80
- 'wi##ar.net':80
- 'localhost':1037
- 'ad###ss-bar.net':80
- ad###ss-bar.net/inCheck/files/trichofile.php
- wi##ar.net/protest/chotri/chkdown.php?ch#################################
- ad###ss-bar.net/inCheck/files/trichofile.ini
- re####andsite.com/yiber/ggoeniebt.exe
- DNS ASK wi##ar.net
- DNS ASK re####andsite.com
- DNS ASK ad###ss-bar.net