Техническая информация
- '<SYSTEM32>\svchost.exe' "<SYSTEM32>\notepad.exe"
- '<SYSTEM32>\notepad.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\WmdmPmSN.exe
- %TEMP%\tmp.dll
- %TEMP%\tmp.dat
- '61.##.151.166':80
- '61.##.151.166':443
- 61.##.151.166/user.jsp?ax###################
- 61.##.151.166/index.jsp?pw###################
- 61.##.151.166/parse.jsp?di###################