Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'AppDomain' = '"%APPDATA%\AppDomain.exe"'
- '%APPDATA%\AppDomain.exe'
- %TEMP%\nsq5.tmp
- %TEMP%\nsm6.tmp\TaVKLkMcubDbdkkX
- %TEMP%\nsm6.tmp\VyXTuAynRuSknYFs.dll
- %APPDATA%\AppDomain.exe
- %TEMP%\nsm2.tmp
- %TEMP%\nss3.tmp\TaVKLkMcubDbdkkX
- %TEMP%\nss3.tmp\VyXTuAynRuSknYFs.dll
- %TEMP%\nsm6.tmp\VyXTuAynRuSknYFs.dll
- %TEMP%\nss3.tmp\VyXTuAynRuSknYFs.dll
- 'to####ps7.ddns.net':8888
- DNS ASK to####ps7.ddns.net