Техническая информация
- <SYSTEM32>\logonui.exe
- %WINDIR%\Temp\{4A3BA84E-DA76-4d15-AAFA-64AF0F4D169A}.dat
- <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\wpad[1].dat
- <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\log[1].txt
- %WINDIR%\afxs.dll
- %WINDIR%\Temp\{46C60C69-3B4F-4317-86FE-B0CC823AD384}.dat
- %WINDIR%\Temp\{46C60C69-3B4F-4317-86FE-B0CC823AD384}.dat
- из <Полный путь к вирусу> в C:\RECYCLER\{530E6735-313E-4295-94A3-3C3CD09D80EA}.tmp
- 'wpad.localdomain':80
- 'ha###one.co.kr':80
- '21#.#05.6.219':80
- wpad.localdomain/wpad.dat
- ha###one.co.kr/images/admin/log/log.txt
- 21#.#05.6.219/images/img/817a36d6/log/log.asp?is#########################################################################################
- DNS ASK wpad.localdomain
- DNS ASK ha###one.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: ''