Техническая информация
- <SYSTEM32>\regsvr32.exe /s "<Текущая директория>\iPush.Dll"
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\jPop[1].xml
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\exeurl[1].xml
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\rnd[1].asp
- <Текущая директория>\iPushConfig.ini
- <Текущая директория>\iPush.Dll
- 'cp###.icoou.cn':80
- 'ip.#8oo.com':80
- 'localhost':1035
- cp###.icoou.cn/exeurl.xml?nu#####################
- cp###.icoou.cn/jPop.xml?nu#####################
- ip.#8oo.com/rnd.asp?nu#####################
- DNS ASK cp###.icoou.cn
- DNS ASK ip.#8oo.com