Техническая информация
- %PROGRAM_FILES%\VDoctor\VDoctorSetup_vd1.exe (загружен из сети Интернет) /verysilent
- <SYSTEM32>\cmd.exe /c "%TEMP%\<Имя вируса>.exe.bat"
- %TEMP%\<Имя вируса>.exe.bat
- %PROGRAM_FILES%\VDoctor\VDoctorSetup_vd1.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\VDoctorSetup_vd1[1].exe
- 'do##.###tidownload.co.kr':80
- do##.###tidownload.co.kr/Prog/VDoctorSetup_vd1.exe
- DNS ASK do##.###tidownload.co.kr