Техническая информация
- '%TEMP%\cs13.exe' (загружен из сети Интернет)
- '%TEMP%\cs13.exe' facebook.com -d:pwf.xml
- '%TEMP%\cs13.exe' google.com -d:pwg.xml
- %TEMP%\cs13.config
- %TEMP%\cs13.exe
- %TEMP%\cook.exe
- %TEMP%\System.Data.SQLite.dll
- %TEMP%\msvcp120d.dll
- %TEMP%\msvcr120d.dll
- %TEMP%\sqlite3.dll
- 'ge###cation.com':80
- 'fi##.##bilefilmizle.com':80
- 'wp#d':80
- http://fi##.##bilefilmizle.com/ch/cs13.exe
- http://fi##.##bilefilmizle.com/ch/cs13.config
- http://ge###cation.com/
- http://fi##.##bilefilmizle.com/ch/cook.exe
- http://fi##.##bilefilmizle.com/ch/System.Data.SQLite.dll
- http://fi##.##bilefilmizle.com/ch/msvcp120d.dll
- http://11#.#11.111.1/wpad.dat via wp#d
- http://fi##.##bilefilmizle.com/ch/sqlite3.dll
- http://fi##.##bilefilmizle.com/ch/msvcr120d.dll
- DNS ASK ge###cation.com
- DNS ASK fi##.##bilefilmizle.com
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''