Техническая информация
- '%TEMP%\1.tmp\jihuo.exe'
- '<SYSTEM32>\ping.exe' -n 3 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\setup.bat" "
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyServer' = ''
- %TEMP%\1.tmp\kb.vbs
- %TEMP%\1.tmp\jihuo.exe
- %TEMP%\1.tmp\setup.bat
- '12#.#25.114.144':80
- http://hi.##idu.com/mr_ylq/item/bbe7a417e877dbec9913d60f via 12#.#25.114.144
- DNS ASK hi.##idu.com
- ClassName: 'Shell_TrayWnd' WindowName: ''