Техническая информация
- %WINDIR%\explorer.exe
- %HOMEPATH%\desktop\tileimage.bmp
- %HOMEPATH%\desktop\issi2013_template_for_posters.docx
- %HOMEPATH%\desktop\dashborder_192.bmp
- 'cd#.##scordapp.com':443
- 'microsoft.com':80
- 'el#######otorcyclecollector.com':80
- 'fe####laminate.com':80
- 'co#####assesathome.com':80
- 'oc##.thawte.com':80
- 'sh###yuming.com':80
- 'br#####prattdrums.com':80
- 'ru###rlunch.com':80
- http://www.wh#####theherb.store/nt8e/?B8###########################################################################################
- 'cd#.##scordapp.com':443
- DNS ASK cd#.##scordapp.com
- DNS ASK microsoft.com
- DNS ASK el#######otorcyclecollector.com
- DNS ASK fe####laminate.com
- DNS ASK ya###-hm.com
- DNS ASK co#####assesathome.com
- DNS ASK oc##.thawte.com
- DNS ASK sh###yuming.com
- DNS ASK br#####prattdrums.com
- DNS ASK ru###rlunch.com
- DNS ASK wh#####theherb.store
- '%WINDIR%\syswow64\mobsync.exe'
- '%WINDIR%\syswow64\systray.exe'
- '%WINDIR%\syswow64\cmd.exe' del "%WINDIR%\SysWOW64\mobsync.exe"