Техническая информация
- '%TEMP%\probkc.exe'
- 'C:\Extracted\Explorer.exe.exe'
- '%TEMP%\probkc.exe' (загружен из сети Интернет)
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen C:\Extracted\KAKA_by_nancychiang.jpg
- %TEMP%\probkc.exe
- %HOMEPATH%\Recent\KAKA_by_nancychiang.lnk
- %HOMEPATH%\Recent\Extracted.lnk
- %TEMP%\sfx.ini
- C:\Extracted\KAKA_by_nancychiang.jpg
- C:\Extracted\Explorer.exe.exe
- %TEMP%\sfx.ini
- 's1.###ectxex.com':80
- 'wp#d':80
- s1.###ectxex.com/uploads/pazfY71kqx1DnEyp3gvrm99yAg0YUOVmEhsinwq6r23eLyHkERNtyH6MzHtkthUdLlZZYS-j67-J6LEe0Tf51H4WXxjFisjGm4hI
- wp#d/wpad.dat
- DNS ASK s1.###ectxex.com
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: '(null)'