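Техническая информация
(Примечание: заголовки подразделов в этом фрагменте не сохранились, поэтому для большинства путей ниже действие — создание, удаление или изменение файла — не указано; повторяющиеся пути, по-видимому, относятся к разным подразделам. Символы «#» в доменном имени и IP-адресе, по-видимому, являются маскировкой в исходном тексте.)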
- Системный файл <SYSTEM32>\ntdll.dll заменяется файлом <SYSTEM32>\root.dll
- %WINDIR%\Temp\sonOfBitch.exe
- %WINDIR%\plugin.exe
- <SYSTEM32>\dumpbin.dll
- <SYSTEM32>\XHGpop.dll
- %WINDIR%\Temp\sonOfBitch.exe
- %WINDIR%\restore.dll
- <SYSTEM32>\restore.dll
- <SYSTEM32>\root.dll
- %WINDIR%\plugin.exe
- %WINDIR%\root.dll
- %WINDIR%\Temp\APCI.sys
- %WINDIR%\config.ini
- <Текущая директория>\res
- %WINDIR%\APCI.reg
- %WINDIR%\xpcode.exe
- %WINDIR%\Temp\plugin.exe
- %WINDIR%\Temp\XHGpop.dll
- %WINDIR%\win7code.exe
- %WINDIR%\logcode.exe
- %WINDIR%\Temp\plugin.exe
- %WINDIR%\root.dll
- %WINDIR%\restore.dll
- %WINDIR%\plugin.exe
- %WINDIR%\win7code.exe
- %WINDIR%\Temp\XHGpop.dll
- %WINDIR%\Temp\APCI.sys
- из <SYSTEM32>\ntdll.dll в <SYSTEM32>\dll.ntdll (перемещение или копирование; действие в тексте не указано)
- 'do###n.3322.org':5566
- '<IP-адрес в локальной сети>':90
- DNS-запрос (DNS ASK): do###n.3322.org
- '22#.#9.176.175':8909