Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '"%TEMP%\svchost.exe"'
- <Текущая директория>\¤¤µШЇиЄЕtnab29130561\tnab10006_29130561_2.doc
- %TEMP%\1.bat
- %TEMP%\svchost.exe
- <Текущая директория>\¤¤µШЇиЄЕtnab29130561\tnab10006_29130561_1.doc
- 'www.ft######er.blog-pixnet.com':80
- www.ft######er.blog-pixnet.com/qGZuaoOwB01K0*F-zVKb0a
- www.ft######er.blog-pixnet.com/qGZuaoOwB01K0*F-zVKb0a
- DNS ASK www.ft######er.blog-pixnet.com
- ClassName: '' WindowName: ''