Техническая информация
- <SYSTEM32>\msiexec.exe /Y "%APPDATA%\DllDropper.dll"
- <SYSTEM32>\msiexec.exe /V
- %APPDATA%\DllDropper.dll
- %TEMP%\kZ2wu2QP.sys
- %TEMP%\MSI21ed8.LOG
- C:\Config.Msi\1d280.rbs
- %TEMP%\wvhrrbeo.msi
- %WINDIR%\Installer\1d27d.msi
- %WINDIR%\Installer\MSI1.tmp
- %WINDIR%\Installer\1d27d.msi
- %TEMP%\wvhrrbeo.msi
- C:\Config.Msi\1d280.rbs
- %WINDIR%\Installer\MSI1.tmp
- %APPDATA%\DllDropper.dll
- из <Полный путь к вирусу> в %TEMP%\kZ9wu3QP4w428Pm6
- '10#.#35.49.50':80
- 10#.#35.49.50/service/scripts/files/aff_50006.dll
- 10#.#35.49.50/service/listener.php?af#########