Техническая информация
- '<SYSTEM32>\schtasks.exe' /create /sc onlogon /tn "Client Monitor" /rl highest /tr "'%ProgramFiles%\Client\Cleaner.exe' /startup" /f
- <SYSTEM32>\svchost.exe
- %TEMP%\k4Aod6.nxX1ccZdN
- %TEMP%\nso2.tmp\System.dll
- %ProgramFiles%\Client\Cleaner.exe
- %TEMP%\zh-cn.min.e55efe1f3ce203e47f80139a655623d0.js
- %TEMP%\modalWindow.js
- %TEMP%\feed574091987.rss+xml
- %TEMP%\feed938769595.xml
- 'my#####aa.hosters.xyz':8198
- 'my#######.advancedmonkeys.xyz':8198
- DNS ASK my#####aa.hosters.xyz
- DNS ASK my#######.advancedmonkeys.xyz