Техническая информация
- <SYSTEM32>\KINSTALLERS_66_46409.exe
- <SYSTEM32>\kuping_s_25485.exe
- <SYSTEM32>\ksbinstaller_s_66_42195.exe
- <SYSTEM32>\explore.dll
- <SYSTEM32>\setups_66_44977.exe
- <SYSTEM32>\kuping_s_25485.exe (загружен из сети Интернет)
- <SYSTEM32>\ksbinstaller_s_66_42195.exe (загружен из сети Интернет)
- <SYSTEM32>\setups_66_44977.exe (загружен из сети Интернет)
- <SYSTEM32>\KINSTALLERS_66_46409.exe (загружен из сети Интернет)
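- Окна в следующих девяти записях (ClassName/WindowName), судя по названиям, принадлежат утилитам мониторинга и отладки: Process Monitor, Registry Monitor, File Monitor, OllyDbg ('GBDYLLO' — это 'OLLYDBG' в обратном порядке). Такой перечень характерен для проверки на наличие средств анализа:
- ClassName: '' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'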
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: '' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: ''
- ClassName: '' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FilemonClass' WindowName: ''
- ClassName: 'pediy06' WindowName: ''
- <SYSTEM32>\xlei.dll
- <SYSTEM32>\explore.dll
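- 'dl.####n.ijinshan.com':80 (формат «узел:порт»; символы # здесь и в записях ниже — по-видимому, маскировка части имени в самом отчёте, поэтому для точного сопоставления с журналами DNS/прокси эти значения в исходном виде не подходят)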
- 'j.#####.ijinshan.com':80
- dl.####n.ijinshan.com/kuping/jm/kuping_s_25485.exe
- dl.####n.ijinshan.com/liebao/link/ksbinstaller_s_66_42195.exe
- j.#####.ijinshan.com/jump.php?u_##########
- DNS ASK dl.####n.ijinshan.com
- DNS ASK j.#####.ijinshan.com
- ClassName: '18467-41' WindowName: ''