Техническая информация
- '%TEMP%\kpdoke.exe'
- '<SYSTEM32>\rundll32.exe' %TEMP%\2961c.tmp,start
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\VoidRay_web[1].php
- %TEMP%\kpdoke.exe
- %TEMP%\2961c.tmp
- %TEMP%\2961c.tmp
- %TEMP%\2961c.tmp
- '60.##0.154.142':9999
- 'lp#####ay.lingpao8.com':80
- '12#.#26.129.188':8888
- '61.##3.235.58':1023
- lp#####ay.lingpao8.com/VoidRay_web.php?UI###########################################################################
- DNS ASK lp#####ay.lingpao8.com