Техническая информация
- %TEMP%\ts.exe
- %TEMP%\Loader.dll
- <SYSTEM32>\imedllhost08.ime
- %TEMP%\Inject.dll
- %TEMP%\ts.exe
- %TEMP%\CFJuhua.dll
- 'www.cf##ma.cn':80
- www.cf##ma.cn/gg.txt
- www.cf##ma.cn/down.txt
- www.cf##ma.cn/up.txt
- DNS ASK www.cf##ma.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''