Техническая информация
- '<SYSTEM32>\svchost.exe'
- '<SYSTEM32>\notepad.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\WmdmPmSN.exe
- %TEMP%\tmp.dll
- %TEMP%\tmp.dat
- '61.##.151.166':80
- '61.##.151.166':443
- 61.##.151.166/process.jsp?cr###################
- 61.##.151.166/process.jsp?qu###################
- 61.##.151.166/parse.jsp?rg###################