Техническая информация
- '<SYSTEM32>\wxcames.dll'
- '<SYSTEM32>\taskkill.exe' /f /im wxcames.dll
- '<SYSTEM32>\cmd.exe' /c wxcames.dll.bat
- <SYSTEM32>\wxcames.dll
- <SYSTEM32>\wxcames.dll
- 'bi#####238.blog.163.com':80
- 'bi#####28.blog.sohu.com':80
- 'ne####ad.f3322.org':80
- 'dy####.blog.hexun.com':80
- bi#####238.blog.163.com/blog/static/210010286201382832715797/
- bi#####28.blog.sohu.com/278944622.html
- ne####ad.f3322.org/mao/wxnoad.html
- dy####.blog.hexun.com/88885462_d.html
- DNS ASK bi#####238.blog.163.com
- DNS ASK bi#####28.blog.sohu.com
- DNS ASK ne####ad.f3322.org
- DNS ASK dy####.blog.hexun.com
- ClassName: '(null)' WindowName: '(null)'