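Техническая информация
Примечание: подзаголовки разделов в этой выдержке не сохранились. Ниже по порядку идут: командная строка cmd.exe с пакетным файлом, пути к файлам в %TEMP%, сетевые узлы (порт 80), HTTP-запросы, DNS-запросы и класс окна. Символы «#» в именах узлов и URL недопустимы в DNS-именах и, по-видимому, скрывают часть адреса, поэтому эти значения нельзя напрямую использовать как индикаторы для поиска или блокировки. Дважды указанный путь %TEMP%\<Имя вируса>.exe, вероятно, относился к двум разным операциям с файлом.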
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\73579.bat" "
- %TEMP%\73579.bat
- %TEMP%\jsdownfileinfo.oN
- %TEMP%\<Имя вируса>.exe
- %TEMP%\<Имя вируса>.exe
- 'u2.###suprt.co.kr':80
- 'u3.###suprt.co.kr':80
- 'u5.###suprt.co.kr':80
- 'lo#.###supporter.co.kr':80
- '<IP-адрес в локальной сети>':80
- 'u9.###suprt.co.kr':80
- 'u1.###suprt.co.kr':80
- 'u4.###suprt.co.kr':80
- 'u1#.##bsuprt.co.kr':80
- 'u7.###suprt.co.kr':80
- 'u.####uprt.co.kr':80
- 'u8.###suprt.co.kr':80
- 'u6.###suprt.co.kr':80
- http://lo#.###supporter.co.kr/app/install.php?ni###########################################################################################
- http://lo#.###supporter.co.kr/app/userlog.php?ni#######################################################################################################
- http://ErrorNewSidebar/JJang/DownFileInfo.oBs via <IP-адрес в локальной сети>
- DNS ASK u3.###suprt.co.kr
- DNS ASK u5.###suprt.co.kr
- DNS ASK u1.###suprt.co.kr
- DNS ASK lo#.###supporter.co.kr
- DNS ASK u9.###suprt.co.kr
- DNS ASK u2.###suprt.co.kr
- DNS ASK u4.###suprt.co.kr
- DNS ASK u1#.##bsuprt.co.kr
- DNS ASK u7.###suprt.co.kr
- DNS ASK u.####uprt.co.kr
- DNS ASK u8.###suprt.co.kr
- DNS ASK u6.###suprt.co.kr
- ClassName: 'ConsoleWindowClass' WindowName: ''