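Техническая информация
Примечание: подзаголовки разделов в этом тексте не сохранились. Судя по формату записей, строки с исполняемым файлом в кавычках и аргументами — командные строки запускаемых процессов; пути в %TEMP% и Temporary Internet Files — файлы, над которыми выполняются операции (какие именно, по тексту установить нельзя; повторы путей, вероятно, относятся к разным операциям); последние записи — соединение с узлом по порту 80, DNS-запрос и поиск окна по имени класса. Имя узла в сетевых записях частично замаскировано символами #### и, по-видимому, совпадает с узлом из командных строк.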
- '%TEMP%\setup.exe' a85eb922d7bdd4c01fa005010bb18b43 go.mistralaucanada.com /images/srvr/partner/send.php 5
- '%TEMP%\clr_gg.exe' go.mistralaucanada.com Chertezhi-vechnogo-dvigatelya.zip
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\clr_gg.exe.bat" clr_gg.exe go.mistralaucanada.com Chertezhi-vechnogo-dvigatelya.zip"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\setup.exe.bat" setup.exe a85eb922d7bdd4c01fa005010bb18b43 go.mistralaucanada.com /images/srvr/partner/send.php 5"
- %TEMP%\93cecac3f4254e3d97aae2e80977231b
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\send[1].htm
- %TEMP%\setup.exe
- %TEMP%\clr_gg.exe
- %TEMP%\setup.exe
- %TEMP%\clr_gg.exe
- %TEMP%\93cecac3f4254e3d97aae2e80977231b
- 'go.####ralaucanada.com':80
- DNS ASK go.####ralaucanada.com
- ClassName: 'Shell_TrayWnd' WindowName: ''