Техническая информация
- '%APPDATA%\tibke\appve.exe'
- '%APPDATA%\tibke\appve.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe' /stext "%TEMP%\tmp1.tmp"
- '%TEMP%\File.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- %TEMP%\strpath.tmp
- %APPDATA%\tibke\appve.exe
- %TEMP%\File.exe
- %TEMP%\svhost.exe
- %TEMP%\svhost.exe
- %TEMP%\svhost.exe
- 'ev####edictz.com':80
- 'ge###ools.net':80
- 'wp#d':80
- 'ch####p.dyndns.org':80
- http://ch####p.dyndns.org/
- http://11#.#11.111.1/wpad.dat via wp#d
- http://ge###ools.net/Products/iSpyKelogger/Server/
- http://ev####edictz.com/EmailProxy/tibke/index.php/
- DNS ASK ev####edictz.com
- DNS ASK ge###ools.net
- DNS ASK wp#d
- DNS ASK ch####p.dyndns.org