Техническая информация
- '%TEMP%\RarSFX0\xwhxy.exe'
- '%TEMP%\RarSFX0\xwhxy 0716.1.exe'
- '%WINDIR%\regedit.exe' /S %WINDIR%\regedi.reg
- %CommonProgramFiles%\iexplore.exe
- %WINDIR%\regedi.reg
- %TEMP%\RarSFX0\setup.ini
- %TEMP%\RarSFX0\xwhxy.exe
- %TEMP%\RarSFX0\xwhxy 0716.1.exe
- %TEMP%\RarSFX0\xwhxy 0716.1.exe
- DNS ASK www.ha###.com.cn
- DNS ASK hi.##idu.com
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'