Technical information
- <SYSTEM32>\wbem\wmiprvse.exe
- ClassName: 'ProgMan' WindowName: ''
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- '<SYSTEM32>\ipconfig.exe' /flushdns' (with hidden window)
- '<SYSTEM32>\wbem\wmiprvse.exe'
- '<SYSTEM32>\ipconfig.exe' /flushdns