Техническая информация
- '%WINDIR%\Temp\earn1.exe'
- '%WINDIR%\Temp\earn1.exe' (загружен из сети Интернет)
- <SYSTEM32>\earn1.exe
- %WINDIR%\Temp\earn1.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\run[1].exe
- 'h1.##pway.com':80
- 'localhost':1037
- h1.##pway.com/mou3ad15/run.exe
- DNS ASK h1.##pway.com