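Техническая информация
Заголовки групп в этом фрагменте не сохранились: ниже идут пути к файлам (записи с <SYSTEM32>, %CommonProgramFiles%, %TEMP%, %HOMEPATH%), затем сетевые адреса с портами, URL и DNS-запросы. Тип файловой операции (создание, удаление и т. п.) по тексту установить нельзя; часть путей перечислена дважды.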
- '<SYSTEM32>\0cG6QF\<Имя вируса>.exe'
- %CommonProgramFiles%\affect\sysxml.dat
- %CommonProgramFiles%\realize\sysxml.dat
- %CommonProgramFiles%\kinetic\sysxml.dat
- %CommonProgramFiles%\matter\sysxml.dat
- %CommonProgramFiles%\neutral\sysxml.dat
- %CommonProgramFiles%\heritage\sysxml.dat
- %CommonProgramFiles%\actual\sysxml.dat
- %CommonProgramFiles%\quirk\sysxml.dat
- %TEMP%\aut2.tmp
- <SYSTEM32>\0cG6QF\<Имя вируса>.exe
- %TEMP%\aut1.tmp
- <SYSTEM32>\0cG6QF\wbifrwp.dll
- %CommonProgramFiles%\decline\sysxml.dat
- %CommonProgramFiles%\lack\sysxml.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\18[1].xml
- %CommonProgramFiles%\matter\sysxml.dat
- %CommonProgramFiles%\affect\sysxml.dat
- %CommonProgramFiles%\actual\sysxml.dat
- %CommonProgramFiles%\neutral\sysxml.dat
- %CommonProgramFiles%\heritage\sysxml.dat
- %CommonProgramFiles%\decline\sysxml.dat
- %CommonProgramFiles%\lack\sysxml.dat
- %CommonProgramFiles%\quirk\sysxml.dat
- %CommonProgramFiles%\realize\sysxml.dat
- %CommonProgramFiles%\kinetic\sysxml.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\18[1].xml
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
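(Символы «#» в именах узлов, по-видимому, заменяют скрытые знаки; такие записи не являются полными доменными именами, и для точного сопоставления их нужно сверять по видимой части имени, порту и пути /api/18.xml.)
- 'da##.#8taojin.com':80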
- 'da##.#ouming5.com':80
- 'da##.#2taojin.com':80
- 'localhost':1038 (локальное соединение на том же узле; внешним сетевым индикатором не является)
- 'da##.mikaow.com':80
- da##.#8taojin.com/api/18.xml
- da##.#ouming5.com/api/18.xml
- da##.mikaow.com/api/18.xml
- da##.#2taojin.com/api/18.xml
- DNS ASK da##.#8taojin.com
- DNS ASK da##.#ouming5.com
- DNS ASK da##.mikaow.com
- DNS ASK da##.#2taojin.com