Техническая информация
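- '%WINDIR%\svchost.exe' -o ypool.net:8081 -u jiawei5211.PTS_12 -p x -m512 -t 1
  (Примечание: здесь svchost.exe запускается из %WINDIR%, тогда как штатный системный svchost.exe находится в <SYSTEM32>. Судя по параметрам -o/-u/-p и адресу ypool.net:8081, под этим именем, по-видимому, работает программа-майнер. Запуск svchost.exe не из <SYSTEM32> — полезный признак для обнаружения.)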
- '%WINDIR%\adminn.exe'
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\yp.bat" "
- '<SYSTEM32>\wscript.exe' "%WINDIR%\kk.vbs"
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\kk.bat" "
- %WINDIR%\yp.bat
- %WINDIR%\adminn.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\VoidRay_web[1].php
- %WINDIR%\svchost.exe
- %WINDIR%\kk.vbs
- %WINDIR%\kk.bat
- %WINDIR%\adminn.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\VoidRay_web[1].php
- 'lp#####ay.mai315.com':80
- '61.##7.125.100':80
- '11#.#4.66.88':80
- 'lp####ray.huo99.com':80
- 'lp#####ay.lingpao8.com':80
- 'yp##l.net':8081
- 'lp#####ay.meimofang.com':80
- lp#####ay.mai315.com/VoidRay_web.php?UI##############################
- 61.##7.125.100/VoidRay_web.php?UI##############################
- 11#.#4.66.88/VoidRay_web.php?UI##############################
- lp#####ay.lingpao8.com/VoidRay_web.php?UI##############################
- lp#####ay.meimofang.com/VoidRay_web.php?UI##############################
- lp####ray.huo99.com/VoidRay_web.php?UI##############################
- DNS ASK lp####ray.huo99.com
- DNS ASK lp#####ay.mai315.com
- DNS ASK lp#####ay.meimofang.com
- DNS ASK lp#####ay.lingpao8.com
- DNS ASK yp##l.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'