Техническая информация
- <SYSTEM32>\cmd.exe /c """%TEMP%\51986.bat"" "
- %TEMP%\51986.bat
- %TEMP%\gsdownfileinfo.oN
- %TEMP%\<Имя вируса>.exe
- %TEMP%\<Имя вируса>.exe
- 'u4.###suprt.co.kr':80
- 'u2.###suprt.co.kr':80
- 'u.####uprt.co.kr':80
- 'lo#.###supporter.co.kr':80
- '<IP-адрес в локальной сети>':80
- 'u1.###suprt.co.kr':80
- 'u8.###suprt.co.kr':80
- 'u7.###suprt.co.kr':80
- 'u9.###suprt.co.kr':80
- 'u1#.##bsuprt.co.kr':80
- 'u6.###suprt.co.kr':80
- 'u5.###suprt.co.kr':80
- 'u3.###suprt.co.kr':80
- lo#.###supporter.co.kr/app/userlog.php?ni#################################################################################################################################
- lo#.###supporter.co.kr/app/install.php?ni#####################################################################################################################
- <IP-адрес в локальной сети>ErrorNewSidebar/game/DownFileInfo.oBs
- DNS ASK u2.###suprt.co.kr
- DNS ASK u.####uprt.co.kr
- DNS ASK u8.###suprt.co.kr
- DNS ASK lo#.###supporter.co.kr
- DNS ASK u1.###suprt.co.kr
- DNS ASK u4.###suprt.co.kr
- DNS ASK u7.###suprt.co.kr
- DNS ASK u9.###suprt.co.kr
- DNS ASK u1#.##bsuprt.co.kr
- DNS ASK u6.###suprt.co.kr
- DNS ASK u5.###suprt.co.kr
- DNS ASK u3.###suprt.co.kr
- ClassName: 'ConsoleWindowClass' WindowName: ''