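Техническая информация
(Заголовки разделов исходного отчёта в этой выдержке не сохранились. Судя по виду записей, ниже по порядку идут: параметры реестра — автозапуск через ключ Run и служба QQDoc со значением Start = 2, то есть автоматический запуск; пути к исполняемым файлам и командные строки; пути к файлам; сетевые адреса и DNS-запрос; классы окон.)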
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'QQDoctor.exe' = '<SYSTEM32>\QQDoctor.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\QQDoc] 'Start' = '00000002'
- <SYSTEM32>\QQDoctor.exe
- <SYSTEM32>\se.exe
- <SYSTEM32>\se.exe -install
- <SYSTEM32>\cmd.exe /c C:\rec.bat
- <SYSTEM32>\ping.exe -n 5 127.0.0.1
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://so###.srle.cn:8080/sogou/sogou.asp
- <SYSTEM32>\reg.exe import <SYSTEM32>\IHNJKUH.reg
- <SYSTEM32>\IHNJKUH.reg
- C:\rec.bat
- <SYSTEM32>\se.exe
- <SYSTEM32>\QQDoctor.exe
- <SYSTEM32>\IHNJKUH.reg
- 'so###.srle.cn':8080
- 'localhost':1036
- DNS ASK so###.srle.cn
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''