Техническая информация
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 1520
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357
- %TEMP%\1283451.cvr
- 'wi#####imbers.com.au':80
- 'wi####timbers.com':80
- 'wi####timbers.com':443
- http://wi#####imbers.com.au/media/word.exe
- http://www.wi####timbers.com/media/word.exe
- 'wi####timbers.com':443
- DNS ASK wi#####imbers.com.au
- DNS ASK wi####timbers.com