Техническая информация
- %WINDIR%\server.exe
- %TEMP%\111111.exe
- %TEMP%\19.1.exe
- <SYSTEM32>\winlogon.exe
- <SYSTEM32>\winlogon.exe
- %WINDIR%\server.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\212344269201291082556362[1]
- %WINDIR%\url.txt
- %TEMP%\19.1.exe
- %TEMP%\111111.exe
- 'ch######fuzhu.blog.163.com':80
- '52####l.3322.org':80
- 'hi.##idu.com':80
- ch######fuzhu.blog.163.com/blog/static/212344269201291082556362/
- 52####l.3322.org/if/1.txt
- hi.##idu.com/qq380000002/item/db4d622f488512e5a5275a3a
- DNS ASK ch######fuzhu.blog.163.com
- DNS ASK 52####l.3322.org
- DNS ASK hi.##idu.com
- ClassName: 'Shell_TrayWnd' WindowName: ''