Техническая информация
- '%TEMP%\579512.exe'
- '%TEMP%\579512.exe' (загружен из сети Интернет)
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\581914.bat" "<Полный путь к вирусу>" "
- %TEMP%\581914.bat
- %TEMP%\579512.exe
- 'www.pi####brothers.com':80
- 'fo##ear.es':80
- 'su###ec-kk.com':80
- 'ja###tors.net':80
- fo##ear.es/tmp/file1.exe
- fo##ear.es/tmp/file2.exe
- www.pi####brothers.com/tmp/file1.exe
- www.pi####brothers.com/tmp/file2.exe
- ja###tors.net/tmp/r1.php
- su###ec-kk.com/tmp/r1.php
- DNS ASK www.pi####brothers.com
- DNS ASK fo##ear.es
- DNS ASK su###ec-kk.com
- DNS ASK ja###tors.net