Техническая информация
- '<SYSTEM32>\regini.exe' "%TEMP%\302093.ini"
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\302093.ini
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\302093.ini
- 'dl###1.qq.com':80
- '12#.#28.228.7':8880
- 'lo#.#tddn.com':80
- '21#.#41.239.157':8880
- lo#.#tddn.com/UpLog/worklog.asp?Na###########################################
- dl###1.qq.com/invc/tt/QQBrowser_Setup_ExternalForum_15649.exe
- lo#.#tddn.com/UpLog/worklog.asp?Na#########################################
- DNS ASK dl###1.qq.com
- DNS ASK lo#.#tddn.com