Техническая информация
- '%WINDIR%\mscorsvw\mscorsvw.exe'
- %TEMP%\aut2.tmp
- %WINDIR%\mscorsvw\TencentdI.exe
- %TEMP%\aut1.tmp
- %WINDIR%\mscorsvw\mscorsvw.exe
- <SYSTEM32>\netstat.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- 'ya##.gnway.cc':8000
- 'if####.ip138.com':80
- if####.ip138.com/ic.asp
- DNS ASK ya##.gnway.cc
- DNS ASK if####.ip138.com