Техническая информация
- <SYSTEM32>\cmd.exe /c %TEMP%\MSBV5au1$$.bat
- %TEMP%\guid.txt
- %TEMP%\MSBV5au1$$.bat
- %APPDATA%\MSBV5\check.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\guid[1].php
- %TEMP%\guid.txt
- %APPDATA%\MSBV5\check.ini
- 'localhost':1039
- 'zu#.##sidebar.co.kr':80
- zu#.##sidebar.co.kr/app/guid.php
- zu#.##sidebar.co.kr/app/ver.php?ta#############
- zu#.##sidebar.co.kr/setuplog/set/end.php
- zu#.##sidebar.co.kr/app/set.php
- zu#.##sidebar.co.kr/setuplog/set/begin.php
- DNS ASK zu#.##sidebar.co.kr
- '<IP-адрес в локальной сети>':1037