Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\76487-642-2544634.exe
- %WINDIR%\explorer.exe
- %WINDIR%\Explorer.EXE
- %TEMP%\elsobak.bak
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\whoer[1]
- %TEMP%\elsobak.bak
- 'localhost':1038
- 'wh##r.net':80
- '18#.#47.135.125':80
- wh##r.net/
- wh##r.net/JZGZSG3fj643.php
- 18#.#47.135.125/hvRty34bz/Bh32fZ43ZHf.php
- DNS ASK wh##r.net
- '<IP-адрес в локальной сети>':1036
- ClassName: '' WindowName: 'Program Manager'