Техническая информация
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 1000
- '<SYSTEM32>\cmd.exe' /C ping 1.1.1.1 -n 1 -w 1000 > Nul & Del <Полный путь к вирусу>
- '%HOMEPATH%\Downloads\Pokemon\MicrosoftHost.exe'
- %HOMEPATH%\Downloads\Pokemon\pokbg.jpg
- %HOMEPATH%\Downloads\Pokemon\Pokemon.exe
- %HOMEPATH%\Downloads\Pokemon\pok.wav
- %HOMEPATH%\Downloads\Pokemon\MicrosoftHost.exe
- 'de#####ypto.net16.net':80
- 'wp#d':80
- http://11#.#11.111.1/wpad.dat via wp#d
- http://de#####ypto.net16.net/generate.php
- DNS ASK de#####ypto.net16.net
- DNS ASK wp#d