Техническая информация
- %WINDIR%\syswow64\svchost.exe
- %TEMP%\128d9e.tmp
- %TEMP%\128dce.tmp
- %TEMP%\128dfe.tmp
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012021030120210302\index.dat
- %TEMP%\128d9e.tmp
- %TEMP%\128dce.tmp
- %TEMP%\128dfe.tmp
- 'mo##nyy.cn':80
- 'ba##u.com':443
- http://www.mo###xie.win/cansu521.txt
- DNS ASK mo##nyy.cn
- DNS ASK yu####n.6600.org
- DNS ASK mo###xie.win
- DNS ASK ba##u.com
- ClassName: 'ENewFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%WINDIR%\syswow64\svchost.exe'