Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Update.bat
- %WINDIR%\Temp\sqlserver.exe
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\temp\tttbrozzz.bat" "
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\temp\tttdelzzz.bat" "
- %WINDIR%\Temp\tttdelzzz.bat
- %WINDIR%\Temp\tttbrozzz.bat
- <Полный путь к вирусу>
- %WINDIR%\Temp\sqlserver.exe
- <SYSTEM32>\dumpkernel.exe
- %WINDIR%\Temp\Server32History.dat
- %WINDIR%\Temp\Server32History.dat
- 'ne####d.dyndns.biz':80
- DNS ASK ne#####er.dyndns.info
- DNS ASK ne####d.dyndns.biz
- ClassName: 'Shell_TrayWnd' WindowName: ''