Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WinverBackend @VIDIA' = '<Полный путь к файлу>'
- 'www.at#####roffice2013.com':80
- 'www.as######wet5jtryuk45.com':80
- 'go#######1-site1.itempurl.com':80
- 'www.ex###doenem.com':80
- http://www.as######wet5jtryuk45.com/wordpress/token.html
- http://www.at#####roffice2013.com/wordpress/token.php
- http://www.ex###doenem.com/kbps1/token.html
- http://go#######1-site1.itempurl.com/count-scoob/downloaded.php
- DNS ASK www.at#####roffice2013.com
- DNS ASK www.as######wet5jtryuk45.com
- DNS ASK www.ex###doenem.com
- DNS ASK go#######1-site1.itempurl.com
- DNS ASK www.go##e.com
- ClassName: 'Shell_TrayWnd' WindowName: ''