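Техническая информация
Примечание: подзаголовки групп в списке ниже отсутствуют; одни и те же пути повторяются, по-видимому, потому что относятся к разным группам действий. Символ «#» в именах хостов скрывает часть символов, поэтому эти записи не являются точными индикаторами и для сопоставления с журналами DNS и прокси требуют уточнения по первоисточнику.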
- %TEMP%\Loader_forqiqi_9177.exe (загружен из сети Интернет) /S
- %TEMP%\txt.exe (загружен из сети Интернет) /S
- %WINDIR%\regedit.exe -s "%TEMP%\ime" (ключ -s: файл импортируется в реестр без запроса подтверждения)
- %WINDIR%\ime\vbs\pp.vbs
- %WINDIR%\ime\netsecc\ime.dll
- %PROGRAM_FILES%\Internet Explorer\22.ico
- %TEMP%\Loader_forqiqi_9177.exe
- %TEMP%\txt.exe
- %TEMP%\nss2.tmp\NSISdl.dll
- %PROGRAM_FILES%\Internet Explorer\21.ico
- %TEMP%\22
- %TEMP%\21
- %TEMP%\nss2.tmp\System.dll
- %WINDIR%\ime\vbs\pp
- %WINDIR%\ime\netsecc\cc
- %TEMP%\ime
- %TEMP%\nss2.tmp\NSISdl.dll
- %TEMP%\nss2.tmp\System.dll
- %TEMP%\txt.exe
- %TEMP%\Loader_forqiqi_9177.exe
- 'cp#.#1pos.com':80
- 'ne#####.funshion.com':80
- 'bo##.17wyd.com':80
- cp#.#1pos.com/Loader_forqiqi_9177.exe
- ne#####.funshion.com/download/silent/67230/FunshionInstall.exe
- bo##.17wyd.com/down_100/setup_0.exe
- DNS ASK ne#####.funshion.com
- DNS ASK cp#.#1pos.com
- DNS ASK bo##.17wyd.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'RegEdit_RegEdit' WindowName: ''