Техническая информация
- '<SYSTEM32>\cmd.exe' /c %TEMP%\MSBV4$$$$.bat
- %TEMP%\MSBV4$$$$.bat
- %TEMP%\guid.txt
- %APPDATA%\MSBV4\check.ini
- %TEMP%\guid.txt
- %APPDATA%\MSBV4\check.ini
- 'localhost':1039
- 'to#.##sidebar.co.kr':80
- http://to#.##sidebar.co.kr/app/guid.php
- http://to#.##sidebar.co.kr/app/ver.php?ta#############
- http://to#.##sidebar.co.kr/app/set.php
- DNS ASK to#.##sidebar.co.kr