Техническая информация
- '%WINDIR%\FrameworkUpdate\Update.exe'
- '%TEMP%\EXE2.exe'
- '%TEMP%\EXE1.exe'
- '<SYSTEM32>\svchost.exe'
- %APPDATA%\麽鎒駓覜
- %WINDIR%\FrameworkUpdate\Update.exe
- %TEMP%\EXE1.exe
- %TEMP%\EXE2.exe
- %APPDATA%\麽鎒駓覜
- %TEMP%\EXE2.exe
- 'go####tparrired.eu':80
- 'www.ms#.com':80
- www.ms#.com/
- go####tparrired.eu/index.php
- DNS ASK go####tparrired.eu
- DNS ASK www.ms#.com
- ClassName: 'Shell_TrayWnd' WindowName: ''