Техническая информация
- '<SYSTEM32>\cmd.exe' /c afc9fe2f418b00a0.bat
- '<SYSTEM32>\rundll32.exe' rundlla.dll, PangolinMain lpServiceName
- <Текущая директория>\afc9fe2f418b00a0.bat
- %PROGRAM_FILES%\Windows Media Player\AliIM.EXE
- %PROGRAM_FILES%\wifackUSB2ppasqb.temp
- %WINDIR%\Temp\7172351 в <SYSTEM32>\rundlla.dll
- %PROGRAM_FILES%\wifackUSB2ppasqb.temp в %WINDIR%\Temp\7172351
- 'lx###q.3322.org':8786
- DNS ASK lx###q.3322.org