Техническая информация
- '%WINDIR%\zero.exe'
- '%WINDIR%\Crypter.exe'
- '<SYSTEM32>\regsvr32.exe' /s CaptchaOCR.dll
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\reg.bat""
- %TEMP%\reg.bat
- %TEMP%\exe1.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\track[1].aspx
- %WINDIR%\zero.exe
- %WINDIR%\Crypter.exe
- %WINDIR%\Net.ann
- %WINDIR%\CaptchaOCR.dll
- %TEMP%\reg.bat
- %TEMP%\exe1.tmp
- 'www.ud##.com':80
- 'localhost':1035
- www.ud##.com/track.aspx?ty##############
- DNS ASK www.ud##.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'