Техническая информация
- "%TEMP%\nsv2.tmp\OB.exe" (загружен из сети Интернет)
- %TEMP%\nsv2.tmp\i.dat
- %TEMP%\nsv2.tmp\output.txt
- %TEMP%\nsv2.tmp\OB.exe
- %TEMP%\nsv2.tmp\nsRandom.dll
- %TEMP%\nsv2.tmp\IpConfig.dll
- %TEMP%\nsv2.tmp\inetc.dll
- %TEMP%\nsv2.tmp\nsRandom.dll
- %TEMP%\nsv2.tmp\OB.exe
- %TEMP%\nsv2.tmp\output.txt
- %TEMP%\nsv2.tmp\i.dat
- %TEMP%\nsv2.tmp\inetc.dll
- %TEMP%\nsv2.tmp\IpConfig.dll
- 's1###.##ave.ppidropper.com':80
- '15##.###ter.ppidropper.com':80
- s1###.##ave.ppidropper.com/download.php?bu######
- 15##.###ter.ppidropper.com/trackstats.php
- 15##.###ter.ppidropper.com/application.php
- DNS ASK s1###.##ave.ppidropper.com
- DNS ASK 15##.###ter.ppidropper.com
- ClassName: 'Shell_TrayWnd' WindowName: ''