Техническая информация
- <SYSTEM32>\cmd.exe /c <Текущая директория>\$$336699.bat
- <Текущая директория>\$$336699.bat
- 'www.10###llion.kr':80
- 'to###an.co.kr':80
- 'go###e.co.kr':80
- www.10###llion.kr/upload/000000000001/sxguide_delete.exe
- to###an.co.kr/ver/pver.php
- go###e.co.kr/
- DNS ASK www.10###llion.kr
- DNS ASK to###an.co.kr
- DNS ASK go###e.co.kr
- '22#.#43.20.250':6501
- ClassName: 'MS_WINHELP' WindowName: ''