Техническая информация
- '%TEMP%\~nsu.tmp\Au_.exe' _?=<Текущая директория>\
- <Полный путь к вирусу>
- %TEMP%\nsk5.tmp\HardInfo.dll
- %TEMP%\nsk5.tmp\System.dll
- %TEMP%\nsk5.tmp\nsJSON.dll
- %TEMP%\nsk5.tmp\addr.json
- %TEMP%\nsk5.tmp\nsm7.tmp
- %TEMP%\nsk5.tmp\md5dll.dll
- %TEMP%\nsu4.tmp
- %TEMP%\~nsu.tmp\Au_.exe
- %TEMP%\nsb2.tmp
- %TEMP%\nsk5.tmp\nsl6.tmp
- %TEMP%\nsk5.tmp\inetc.dll
- %TEMP%\nsk5.tmp\uninst.dll
- %TEMP%\nsk5.tmp\nsm7.tmp
- 'in#.###ol.sina.com.cn':80
- 'do##.3lsoft.com':80
- 'tj#.#lsoft.com':80
- in#.###ol.sina.com.cn/iplookup/iplookup.php?fo#########
- do##.3lsoft.com/help/ck2.html
- tj#.#lsoft.com/server_time
- DNS ASK in#.###ol.sina.com.cn
- DNS ASK do##.3lsoft.com
- DNS ASK tj#.#lsoft.com
- ClassName: 'Shell_TrayWnd' WindowName: ''