Техническая информация
- %TEMP%\mytb_sky5.exe
- <SYSTEM32>\cmd.exe /c \DelUS.bat
- %TEMP%\nsh4.tmp\SelfDelete.dll
- %TEMP%\nsh4.tmp\DLLWebCount.dll
- %TEMP%\nss2.tmp\SelfDelete.dll
- C:\DelUS.bat
- %TEMP%\nsh4.tmp\System.dll
- %TEMP%\nss2.tmp\stack.dll
- %TEMP%\nss2.tmp\StringFind.dll
- %TEMP%\mytb_sky5.exe
- %TEMP%\nss2.tmp\processes_second.dll
- %TEMP%\nss2.tmp\SelfDelete.dll
- %TEMP%\nss2.tmp\processes_second.dll
- %TEMP%\nss2.tmp\StringFind.dll
- %TEMP%\nss2.tmp\stack.dll
- %TEMP%\nsh4.tmp\SelfDelete.dll
- %TEMP%\nsh4.tmp\DLLWebCount.dll
- %TEMP%\mytb_sky5.exe
- %TEMP%\nsh4.tmp\System.dll
- 'to####r.mypg.co.kr':80
- to####r.mypg.co.kr/mytb/nlog/mytb_count.php?ki#################
- DNS ASK to####r.mypg.co.kr
- '<IP-адрес в локальной сети>':1036