Техническая информация
- '%TEMP%\s2setup.exe' -x "<Имя вируса>"
- '%TEMP%\s2setup.exe' (загружен из сети Интернет)
- %TEMP%\s2setup.exe
- %TEMP%\s2cache.tmp
- %TEMP%\nso2.tmp\md5dll.dll
- %TEMP%\nso2.tmp\nsisdt.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\default[1].exe
- %TEMP%\nso2.tmp\inetc.dll
- %TEMP%\nso2.tmp\System.dll
- %TEMP%\nsj3.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\get[1].SP2&admin=1&name=<Имя вируса>
- %TEMP%\nso2.tmp\md5dll.dll
- %TEMP%\nso2.tmp\nsisdt.dll
- %TEMP%\nso2.tmp\System.dll
- %TEMP%\nsj3.tmp
- %TEMP%\s2setup.exe
- %TEMP%\nso2.tmp\inetc.dll
- 'up####.skymonk.net':80
- 'ap#.#kymonk.net':80
- up####.skymonk.net/installers/default.exe
- ap#.#kymonk.net/installer/get/?la#########################################
- DNS ASK up####.skymonk.net
- DNS ASK ap#.#kymonk.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '_SKYMONK2_STARTER_WND_' WindowName: ''
- ClassName: '_SKYMONK2_MAIN_WND_' WindowName: ''