Техническая информация
- '<SYSTEM32>\wcsnties.exe'
- '<SYSTEM32>\attrib.exe' <DRIVERS>\pcidump.sys -A -R -H
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\yacet.bat" "
- %TEMP%\xvc.datjmp.esi
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\stat[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\push[1].php
- %TEMP%\19937.20961
- <SYSTEM32>\cmp.esi
- <SYSTEM32>\winoer.dat
- <DRIVERS>\pcidump.txt
- <SYSTEM32>\wcsnties.exe
- %TEMP%\yacet.bat
- <SYSTEM32>\apx.dll
- <DRIVERS>\pcidump.sys
- %TEMP%\yacet.bat
- из <DRIVERS>\pcidump.txt в <DRIVERS>\pcidump.sys
- 'xw##.3322.org':80
- 'localhost':1037
- xw##.3322.org/consumelogs/push.php?c=##############################
- xw##.3322.org/consumelogs/stat.php?i=####################################################################################
- DNS ASK xw##.3322.org