Техническая информация
- '%TEMP%\0IlwjABt8RT05J6.exe'
- '%TEMP%\6O5wl6Bg43O3P8.exe' /in + /un /cb /rp /rf /mf /ai 14400 /ad 300 /pn "Costmin" /sf /ax /en 30 /path "#0\Supporter\Supporter.dll" /dn "Supporter 1.80" /prd "Supporter" /sn "Supporter" /iu "asp4Hwymrs/3mJLFHw4R5UlzU6zr8rFhAikmHwSKc9OBoLJwwkTLzzNRpintS5" /fd "Gh6N01262lmIMOQIKE1/I2zYi4chmo/jAS6HYR1puoJwEE" /fd "bJi6ysu1Dmtc4omjlhTJhdjDV1mOYR1Y9VPJI1aeJ2yS5cbn" /fd "nQ+lhabAjKZsPlhabcPC/UnCDkqKTrEhOw95H1agDG4dQj" /fd "V0Emjlh77H6KUDWYSUpxw7UtNMBoguj/UH94IJcUc7acQj" /pu "ADBQbcd8uYnPdYSUMOjULuDc6lZx9BVzJN2ARYGJI0WIvgmj38WIzZgUMLphn" /pid 5061
- '%TEMP%\730936134\nSBXWg.exe'
- '%TEMP%\730936134\FYpwUZ2Tq75bNnO.exe'
- '%TEMP%\730936134\i8Pd6sUy9.exe'
- '%TEMP%\6O5wl6Bg43O3P8.exe' (загружен из сети Интернет)
- '%TEMP%\0IlwjABt8RT05J6.exe' (загружен из сети Интернет)
- %TEMP%\730936134\Kc005wnd3622H2V.ini
- %TEMP%\0IlwjABt8RT05J6.exe
- %TEMP%\6O5wl6Bg43O3P8.exe
- %TEMP%\730936134\nSBXWg.exe
- %TEMP%\730936134\i8Pd6sUy9.exe
- %TEMP%\730936134\FYpwUZ2Tq75bNnO.exe
- %TEMP%\730936134\i8Pd6sUy9.exe
- %TEMP%\730936134\nSBXWg.exe
- %TEMP%\730936134\Kc005wnd3622H2V.ini
- %TEMP%\0IlwjABt8RT05J6.exe
- %TEMP%\6O5wl6Bg43O3P8.exe
- %TEMP%\730936134\FYpwUZ2Tq75bNnO.exe
- 'in#####collection.com':80
- 'su#####.costmin.info':80
- 'do#####d.costmin.info':80
- in#####collection.com/?HI#######################################
- su#####.costmin.info/
- do#####d.costmin.info/?e=########################################################################################################
- DNS ASK in#####collection.com
- DNS ASK su#####.costmin.info
- DNS ASK do#####d.costmin.info