Техническая информация
- '%WINDIR%\so.exe' (загружен из сети Интернет)
- '%WINDIR%\so.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\lll[1].exe
- %WINDIR%\so.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\lll[1].exe
- 'ex#####.###-cn-hangzhou.aliyuncs.com':80
- http://ex#####.###-cn-hangzhou.aliyuncs.com/lll.exe
- DNS ASK ex#####.###-cn-hangzhou.aliyuncs.com