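Техническая информация
Примечание: символы «#» в IP-адресах, именах узлов и параметрах запросов ниже, по-видимому, замещают скрытые символы, поэтому в таком виде эти индикаторы не годятся для точного сопоставления с журналами или для блокировки.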
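- '<SYSTEM32>\regini.exe' "%TEMP%\266281.ini" (regini.exe — штатная консольная утилита Windows, которая изменяет значения и права доступа к разделам реестра по сценарию из указанного текстового файла)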
- %TEMP%\266281.ini
- %TEMP%\266281.ini
- '12#.#28.228.7':8880
- 'wm.###guogeng.com':80
- '21#.#41.239.157':8880
- 'lo#.#tddn.com':80
- 'dl###1.qq.com':80
- wm.###guogeng.com/wm3000/6754.rar
- wm.###guogeng.com/wm3000/4986.rar
- wm.###guogeng.com/wm3000/9678.rar
- wm.###guogeng.com/wm3000/8038.rar
- wm.###guogeng.com/wm3000/4365.rar
- wm.###guogeng.com/wm3000/5324.rar
- lo#.#tddn.com/UpLog/worklog.asp?Na###################################################
- dl###1.qq.com/invc/tt/QQBrowser_Setup_ExternalForum_15649.exe
- lo#.#tddn.com/UpLog/worklog.asp?Na##############################################
- wm.###guogeng.com/wm3000/7252.rar
- wm.###guogeng.com/wm3000/2397.rar
- wm.###guogeng.com/wm3000/9301.rar
- DNS ASK wm.###guogeng.com
- DNS ASK dl###1.qq.com
- DNS ASK lo#.#tddn.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)' (Shell_TrayWnd — класс окна панели задач Windows)