Техническая информация
- '<SYSTEM32>\wermgr.exe' -queuereporting
- '<SYSTEM32>\taskhost.exe' $(Arg0)
- C:\ProgramData\Microsoft\RAC\Temp\sqlC6C7.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlC6F7.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sql8516.tmp
- %APPDATA%\Roaming\Config.ini
- C:\ProgramData\Microsoft\RAC\Temp\sql8536.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sql8516.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sql8536.tmp
- 'www.co####maximus.com':80
- www.co####maximus.com/banco.txt
- www.co####maximus.com/key/atualizaCliente.php
- DNS ASK www.co####maximus.com