Техническая информация
- '<SYSTEM32>\Sock32.dll'
- %PROGRAM_FILES%\NVk4c2b\Run.zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\coolbadman[1].zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\coolbadman[1].zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\coolbadman[1].zip
- <SYSTEM32>\Sock32.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\coolbadman[1].ini
- %PROGRAM_FILES%\NVk4c2b\log.dat
- %PROGRAM_FILES%\NVk4c2b\Run.zip
- %PROGRAM_FILES%\NVk4c2b\log.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\coolbadman[1].zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\coolbadman[1].zip
- %PROGRAM_FILES%\NVk4c2b\Run.zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\coolbadman[1].zip
- 'in#.#88b.com':80
- 'in#.#gkj.com':80
- '12#.#26.129.188':9048
- '60.##0.154.142':8888
- in#.#gkj.com/soft/58wangwei/coolbadman.zip
- in#.#88b.com/soft/58wangwei/coolbadman.zip
- in#.#88b.com/58wangwei/coolbadman.ini
- DNS ASK in#.#gkj.com
- DNS ASK in#.#88b.com