Техническая информация
- '<SYSTEM32>\cmd.exe' /c <SYSTEM32>\_aa.bat
- C:\a.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\qq01[1].exe
- <SYSTEM32>\_aa.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\hailiang[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\hailiang[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\new[1].rar
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\hailiang[1].asp
- 'www.qq###168.com':80
- 'localhost':1039
- '10##0-qr.cn':80
- www.qq###168.com/qq01.exe
- 10##0-qr.cn/new.rar
- 10##0-qr.cn/hailiang.asp?ac##############################################################################################
- DNS ASK www.qq###168.com
- DNS ASK 10##0-qr.cn