Техническая информация
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\sftz1[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\up[1].php
- 'br###ss78jh.cn':80
- 'ca###otnet.com':80
- 'localhost':1035
- br###ss78jh.cn/sftz1.exe
- ca###otnet.com/up.php?i=#########
- DNS ASK br###ss78jh.cn
- DNS ASK ca###otnet.com