Техническая информация
- '%TEMP%\java.exe' /s /quiet /norestart
- '%TEMP%\java.exe' (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\java[1].exe
- %TEMP%\java.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\uploadit[1].jar
- %TEMP%\java.jar
- 'www.ca####-klein.biz':80
- 'up##adit.me':80
- 'localhost':1035
- www.ca####-klein.biz/java.exe
- up##adit.me/?fi################
- DNS ASK www.ca####-klein.biz
- DNS ASK up##adit.me
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'