Техническая информация
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\0[1]
- <Текущая директория>\test
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\23003[1]
- из <Полный путь к вирусу> в %TEMP%\1.tmp
- 'mi###aruda.com':80
- 'localhost':1035
- mi###aruda.com/da5429b83d9531a3351ac76ff9c625e5/install/23003/5.1.2600_Service_Pack_2_32/0/0/0
- mi###aruda.com/da5429b83d9531a3351ac76ff9c625e5/startexe/IntUnk/admingrp/startadmin/5.1.2600_Service_Pack_2_32/23003
- DNS ASK mi###aruda.com