Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MSCAP' = '%ALLUSERSPROFILE%\Application Data\ACA.exe'
- %ALLUSERSPROFILE%\Application Data\ACA.exe
- %TEMP%\~1.tmp
- %ALLUSERSPROFILE%\Application Data\ACA.exe
- 'we##.#eaftone.com':443
- 'we##.#eaftone.com':80
- we##.#eaftone.com/wKi+gvAK/YVVTRVItNEJCMDlBOUMwMi5BZG1pbmlzdHJhdG9yLEIwNWM.asp
- DNS ASK we##.#eaftone.com