Техническая информация
- '<SYSTEM32>\ping.exe' -n 0 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c %TEMP%\scratch.bat
- '<SYSTEM32>\schtasks.exe' /query /FO CSV /tn WIN-statsAdmin
- %TEMP%\scratch.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\set[1].php
- 'wi##.#ecureddl.com':80
- 'localhost':1035
- wi##.#ecureddl.com/stats/canal/main/set.php?id#########################
- DNS ASK wi##.#ecureddl.com
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'