Техническая информация
- '%TEMP%\RarSFX0\Run.exe' 194067
- '<SYSTEM32>\regsvr32.exe' "%WINDIR%\Downloaded Program Files\HBLoad.dll" /s
- <SYSTEM32>\distributer.txt
- %TEMP%\RarSFX0\Run.exe
- %TEMP%\RarSFX0\HBLoad.dll
- %TEMP%\RarSFX0\Run.exe
- %TEMP%\RarSFX0\HBLoad.dll в %WINDIR%\Downloaded Program Files\HBLoad.dll
- 'dh##.#enbang.net':80
- dh##.#enbang.net/dhap/download.aspx
- DNS ASK dh##.#enbang.net
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''