Техническая информация
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://of#.uz/ru/content/internet-bank-stranica-vhoda
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2824SPHQ.bat" <Полный путь к вирусу>"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\internet-bank-stranica-vhoda[1]
- %TEMP%\2824SPHQ.bat
- %TEMP%\2824SPHQ.bat
- %TEMP%\2824SPHQ.bat
- 'of#.uz':80
- 'localhost':1036
- http://of#.uz/ru/content/internet-bank-stranica-vhoda
- DNS ASK of#.uz
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''