Техническая информация
- '%TEMP%\seris.exe'
- '<SYSTEM32>\ntvdm.exe' -f -i1
- %WINDIR%\Temp\scs1.tmp
- %WINDIR%\Temp\scs2.tmp
- %TEMP%\gango.exe
- %TEMP%\seris.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\0805USmp[1].rar
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- 'ph###aholic.com':80
- ph###aholic.com/images/banners/0805USmp.rar
- DNS ASK ph###aholic.com
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-b5c.b60.380001'