Техническая информация
- '<SYSTEM32>\3.exe' /stext 3.txt
- '<SYSTEM32>\vmailer.exe' b0dy.txt mail.gmx.net steampowered@windowslive.com m.mendelson@gmx.de m.mendelson@gmx.de hannelore
- 'C:\2.exe' "%APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default"
- '<SYSTEM32>\1.exe'
- '<SYSTEM32>\2.exe'
- '<SYSTEM32>\cmd.exe' /c ""<SYSTEM32>\mailer.bat" "
- '<SYSTEM32>\cmd.exe' /c ""<SYSTEM32>\exec.bat" "
- <SYSTEM32>\exec.bat
- C:\2.exe
- <SYSTEM32>\1.txt
- <SYSTEM32>\mailer.bat
- <SYSTEM32>\b0dy.txt
- C:\err_log.txt
- <SYSTEM32>\1.exe
- <SYSTEM32>\2.exe
- <SYSTEM32>\3.exe
- <SYSTEM32>\vmailer.exe
- <SYSTEM32>\3.exe
- <SYSTEM32>\vmailer.exe
- <SYSTEM32>\exec.bat
- %TEMP%\~DF2FF7.tmp
- C:\err_log.txt
- <SYSTEM32>\2.exe
- <SYSTEM32>\mailer.bat
- C:\2.exe
- <SYSTEM32>\1.txt
- <SYSTEM32>\1.exe
- <SYSTEM32>\b0dy.txt
- 'ma##.gmx.net':25
- DNS ASK ma##.gmx.net
- ClassName: 'MS_WINHELP' WindowName: '(null)'