Техническая информация
- '%TEMP%\260015.exe'
- '%TEMP%\260015.exe' (загружен из сети Интернет)
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\270859.bat" "<Полный путь к вирусу>" "
- [<HKLM>\Software\FlashFXP]
- [<HKCU>\Software\FTPWare\COREFTP\Sites]
- [<HKLM>\Software\FlashFXP\3]
- [<HKCU>\Software\FlashFXP\3]
- [<HKCU>\Software\FlashFXP]
- %TEMP%\270859.bat
- %TEMP%\260015.exe
- '62.##.177.78':80
- '62.##.179.207':80
- '62.#6.47.5':80
- 62.##.177.78/our1/1.exe
- 62.##.179.207/pnn/ga.php
- 62.#6.47.5/pnn/ga.php